pam 1.5.3-5ubuntu5.4 source package in Ubuntu
Changelog
pam (1.5.3-5ubuntu5.4) noble-security; urgency=medium
* SECURITY UPDATE: privilege escalation via pam_namespace
- debian/patches/pam_namespace_170.patch: sync pam_namespace module to
version 1.7.0.
- debian/patches/pam_namespace_post170-*.patch: add post-1.7.0 changes
from upstream git tree.
- debian/patches/pam_namespace_revert_abi.patch: revert ABI change to
prevent unintended issues in running daemons.
- debian/patches/CVE-2025-6020-1.patch: fix potential privilege
escalation.
- debian/patches/CVE-2025-6020-2.patch: add flags to indicate path
safety.
- debian/patches/CVE-2025-6020-3.patch: secure_opendir: do not look at
the group ownership.
- debian/patches/pam_namespace_o_directory.patch: removed, included in
patch cluster above.
- CVE-2025-6020
-- Marc Deslauriers <email address hidden> Thu, 12 Jun 2025 10:45:28 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Noble
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| pam_1.5.3.orig.tar.xz | 996.2 KiB | 7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283 |
| pam_1.5.3-5ubuntu5.4.debian.tar.xz | 198.3 KiB | d398291747c88fb4bb621d80be1aa998b6997d7e25923ec1a064abff2bde1df3 |
| pam_1.5.3-5ubuntu5.4.dsc | 2.7 KiB | 37e51bb493fa7733f869450dd8dbd6cff80d1593f1bcd52b06b0459469a17946 |
Available diffs
Binary packages built by this source
- libpam-doc: Documentation of PAM
Contains documentation (in HTML, ASCII, and PostScript format) for libpam,
the Pluggable Authentication Modules library, a library that enables the
local system administrator to choose how applications authenticate users.
- libpam-modules: Pluggable Authentication Modules for PAM
This package completes the set of modules for PAM. It includes the
pam_unix.so module as well as some specialty modules.
- libpam-modules-bin: Pluggable Authentication Modules for PAM - helper binaries
This package contains helper binaries used by the standard set of PAM
modules in the libpam-modules package.
- libpam-modules-bin-dbgsym: debug symbols for libpam-modules-bin
- libpam-modules-dbgsym: debug symbols for libpam-modules
- libpam-runtime: Runtime support for the PAM library
Contains configuration files and directories required for
authentication to work on Debian systems. This package is required
on almost all installations.
- libpam0g: Pluggable Authentication Modules library
Contains the shared library for Linux-PAM, a library that enables the
local system administrator to choose how applications authenticate users.
In other words, without rewriting or recompiling a PAM-aware application,
it is possible to switch between the authentication mechanism(s) it uses.
One may entirely upgrade the local authentication system without touching
the applications themselves.
- libpam0g-dbgsym: debug symbols for libpam0g
- libpam0g-dev: Development files for PAM
Contains C header files and development libraries for libpam, the Pluggable
Authentication Modules, a library that enables the local system
administrator to choose how applications authenticate users.
.
PAM decouples applications from the authentication mechanism, making it
possible to upgrade the authentication system without recompiling or
rewriting the applications.
