Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

pam_pkcs11-0.6.10-2.3 RPM for armv7hl

From OpenSuSE Ports Leap 15.5 for armv7hl

Name: pam_pkcs11 Distribution: openSUSE Step 15
Version: 0.6.10 Vendor: openSUSE
Release: 2.3 Build date: Thu Apr 1 01:20:04 2021
Group: Productivity/Security Build host: armbuild22
Size: 1141001 Source RPM: pam_pkcs11-0.6.10-2.3.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/OpenSC/pam_pkcs11
Summary: PKCS #11 PAM Module
This Linux PAM module allows X.509 a certificate-based user
authentication. The certificate and its dedicated private key are
thereby accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA certificates
as well as online or locally accessible CRLs are used.

Additionally, the package includes pam_pkcs11-related tools:

* pkcs11_eventmgr: Generates actions on card insert, removal, or
  time-out events

* pklogin_finder: Gets the login name that maps to a certificate

* pkcs11_inspect: Inspects the contents of a certificate

* make_hash_links: Creates hash link directories for storing CAs and
CRLs

Provides

Requires

License

LGPL-2.1-or-later

Changelog

* Tue Jan 29 2019 sbrabec@suse.com
  - Update to version 0.6.10:
    * Fix some security issues (thx @frankmorgner):
      https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/
      (drop 0001-verify-using-a-nonce-from-the-system-not-the-card.patch,
      0002-fixed-buffer-overflow-with-long-home-directory.patch,
      0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch).
    * Fix buffer overflow with long home directory.
    * Fix wiping secrets (now using OpenSSL_cleanse()).
    * Verify using a nonce from the system, not the card.
    * Fix segfalt when checking CRLs
      (drop pam_pkcs11-crl-check.patch).
  - Add rcpkcs11_eventmgr service symlink.
* Fri Aug 17 2018 vcizek@suse.com
  - Address security issues found by X41 D-Sec audit (bsc#1105012)
    * Authentication Replay
    * Buffer Overflow
    * Memory not cleaned properly before free()
  - add patches:
    * 0001-verify-using-a-nonce-from-the-system-not-the-card.patch
    * 0002-fixed-buffer-overflow-with-long-home-directory.patch
    * 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch
* Mon Jul 23 2018 sbrabec@suse.com
  - Fix segfault and fetch problems when checking CRLs
    (pam_pkcs11-crl-check.patch).
* Sun Sep 10 2017 jengelh@inai.de
  - Repair bulletpoint that skidded in description.
    Trim description of %name-devel-doc, it does not cotain
    the programs.
* Wed Aug 09 2017 astieger@suse.com
  - add service file bsc#1049219
* Thu Jul 20 2017 sbrabec@suse.com
  - Updated to version 0.6.9:
    * Upstream web moved.
    * pkcs11_listcerts: Do not fail on certificate error.
    * Do not fail if card was already unlocked.
    * Other bug fixes.
    * Translation updates.
  - Drop upstreamed pam_pkcs11-0.6.8-fix-crypto-cflags.patch.
  - Work around incorrect upstream release process not calling
    "make dist".
  - Split API documentation into a separate package
    pam_pkcs11-devel-doc.
  - Add pam_pkcs11-fsf-address.patch.
* Tue Feb 09 2016 antoine.belvire@laposte.net
  - Fix build for Tumbleweed:
    * Add pam_pkcs11-0.6.8-fix-crypto-cflags.patch
    * Rebuild configure with the bootstrap script (add libtool as
      build dependency)
* Tue Jul 10 2012 sbrabec@suse.cz
  - Updated to version 0.6.8:
    * Code cleanup.
    * Bug fixes.
    * Translation updates.
* Tue Feb 28 2012 sbrabec@suse.cz
  - Change nssdb path to /etc/pki/nssdb (bnc#463469).
  - Make libdir paths in pam_pkcs11.conf biarch-wise.
* Wed Jan 05 2011 sbrabec@suse.cz
  - Updated to version 0.6.6:
    * Compatible with pcsc-lite-1.6.
    * New mapper API.
    * Minor fixes.
    * Translaton updates.

Files

/etc/pam.d/common-auth-smartcard
/etc/pam_pkcs11
/etc/pam_pkcs11/cacerts
/etc/pam_pkcs11/card_eventmgr.conf
/etc/pam_pkcs11/crls
/etc/pam_pkcs11/pam_pkcs11.conf
/etc/pam_pkcs11/pkcs11_eventmgr.conf
/lib/security/pam_pkcs11.so
/usr/bin/card_eventmgr
/usr/bin/pkcs11_eventmgr
/usr/bin/pkcs11_inspect
/usr/bin/pkcs11_listcerts
/usr/bin/pkcs11_make_hash_link
/usr/bin/pkcs11_setup
/usr/bin/pklogin_finder
/usr/lib/pam_pkcs11
/usr/lib/pam_pkcs11/ldap_mapper.so
/usr/lib/pam_pkcs11/opensc_mapper.so
/usr/lib/pam_pkcs11/openssh_mapper.so
/usr/lib/systemd/system/pkcs11_eventmgr.service
/usr/sbin/rcpkcs11_eventmgr
/usr/share/doc/packages/pam_pkcs11
/usr/share/doc/packages/pam_pkcs11/AUTHORS
/usr/share/doc/packages/pam_pkcs11/COPYING
/usr/share/doc/packages/pam_pkcs11/ChangeLog
/usr/share/doc/packages/pam_pkcs11/ChangeLog.git
/usr/share/doc/packages/pam_pkcs11/NEWS
/usr/share/doc/packages/pam_pkcs11/README
/usr/share/doc/packages/pam_pkcs11/README.autologin
/usr/share/doc/packages/pam_pkcs11/README.mappers
/usr/share/doc/packages/pam_pkcs11/README.md
/usr/share/doc/packages/pam_pkcs11/TODO
/usr/share/doc/packages/pam_pkcs11/card_eventmgr.conf.example
/usr/share/doc/packages/pam_pkcs11/digest_mapping.example
/usr/share/doc/packages/pam_pkcs11/mail_mapping.example
/usr/share/doc/packages/pam_pkcs11/mappers_api.html
/usr/share/doc/packages/pam_pkcs11/pam.d_login.example
/usr/share/doc/packages/pam_pkcs11/pam_pkcs11.conf.example
/usr/share/doc/packages/pam_pkcs11/pam_pkcs11.html
/usr/share/doc/packages/pam_pkcs11/pkcs11_eventmgr.conf.example
/usr/share/doc/packages/pam_pkcs11/subject_mapping.example
/usr/share/locale/de/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/fr/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/it/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/nl/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/pl/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/pt_BR/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/ru/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/tr/LC_MESSAGES/pam_pkcs11.mo
/usr/share/man/man1/card_eventmgr.1.gz
/usr/share/man/man1/pkcs11_eventmgr.1.gz
/usr/share/man/man1/pkcs11_inspect.1.gz
/usr/share/man/man1/pkcs11_listcerts.1.gz
/usr/share/man/man1/pkcs11_make_hash_link.1.gz
/usr/share/man/man1/pkcs11_setup.1.gz
/usr/share/man/man1/pklogin_finder.1.gz
/usr/share/man/man8/pam_pkcs11.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 18:42:22 2024