Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: pam_pkcs11 | Distribution: openSUSE Step 15 |
Version: 0.6.10 | Vendor: openSUSE |
Release: 2.3 | Build date: Thu Apr 1 01:20:04 2021 |
Group: Productivity/Security | Build host: armbuild22 |
Size: 1141001 | Source RPM: pam_pkcs11-0.6.10-2.3.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://github.com/OpenSC/pam_pkcs11 | |
Summary: PKCS #11 PAM Module |
This Linux PAM module allows X.509 a certificate-based user authentication. The certificate and its dedicated private key are thereby accessed by means of an appropriate PKCS #11 module. For the verification of the users' certificates, locally stored CA certificates as well as online or locally accessible CRLs are used. Additionally, the package includes pam_pkcs11-related tools: * pkcs11_eventmgr: Generates actions on card insert, removal, or time-out events * pklogin_finder: Gets the login name that maps to a certificate * pkcs11_inspect: Inspects the contents of a certificate * make_hash_links: Creates hash link directories for storing CAs and CRLs
LGPL-2.1-or-later
* Tue Jan 29 2019 sbrabec@suse.com - Update to version 0.6.10: * Fix some security issues (thx @frankmorgner): https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/ (drop 0001-verify-using-a-nonce-from-the-system-not-the-card.patch, 0002-fixed-buffer-overflow-with-long-home-directory.patch, 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch). * Fix buffer overflow with long home directory. * Fix wiping secrets (now using OpenSSL_cleanse()). * Verify using a nonce from the system, not the card. * Fix segfalt when checking CRLs (drop pam_pkcs11-crl-check.patch). - Add rcpkcs11_eventmgr service symlink. * Fri Aug 17 2018 vcizek@suse.com - Address security issues found by X41 D-Sec audit (bsc#1105012) * Authentication Replay * Buffer Overflow * Memory not cleaned properly before free() - add patches: * 0001-verify-using-a-nonce-from-the-system-not-the-card.patch * 0002-fixed-buffer-overflow-with-long-home-directory.patch * 0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch * Mon Jul 23 2018 sbrabec@suse.com - Fix segfault and fetch problems when checking CRLs (pam_pkcs11-crl-check.patch). * Sun Sep 10 2017 jengelh@inai.de - Repair bulletpoint that skidded in description. Trim description of %name-devel-doc, it does not cotain the programs. * Wed Aug 09 2017 astieger@suse.com - add service file bsc#1049219 * Thu Jul 20 2017 sbrabec@suse.com - Updated to version 0.6.9: * Upstream web moved. * pkcs11_listcerts: Do not fail on certificate error. * Do not fail if card was already unlocked. * Other bug fixes. * Translation updates. - Drop upstreamed pam_pkcs11-0.6.8-fix-crypto-cflags.patch. - Work around incorrect upstream release process not calling "make dist". - Split API documentation into a separate package pam_pkcs11-devel-doc. - Add pam_pkcs11-fsf-address.patch. * Tue Feb 09 2016 antoine.belvire@laposte.net - Fix build for Tumbleweed: * Add pam_pkcs11-0.6.8-fix-crypto-cflags.patch * Rebuild configure with the bootstrap script (add libtool as build dependency) * Tue Jul 10 2012 sbrabec@suse.cz - Updated to version 0.6.8: * Code cleanup. * Bug fixes. * Translation updates. * Tue Feb 28 2012 sbrabec@suse.cz - Change nssdb path to /etc/pki/nssdb (bnc#463469). - Make libdir paths in pam_pkcs11.conf biarch-wise. * Wed Jan 05 2011 sbrabec@suse.cz - Updated to version 0.6.6: * Compatible with pcsc-lite-1.6. * New mapper API. * Minor fixes. * Translaton updates.
/etc/pam.d/common-auth-smartcard /etc/pam_pkcs11 /etc/pam_pkcs11/cacerts /etc/pam_pkcs11/card_eventmgr.conf /etc/pam_pkcs11/crls /etc/pam_pkcs11/pam_pkcs11.conf /etc/pam_pkcs11/pkcs11_eventmgr.conf /lib/security/pam_pkcs11.so /usr/bin/card_eventmgr /usr/bin/pkcs11_eventmgr /usr/bin/pkcs11_inspect /usr/bin/pkcs11_listcerts /usr/bin/pkcs11_make_hash_link /usr/bin/pkcs11_setup /usr/bin/pklogin_finder /usr/lib/pam_pkcs11 /usr/lib/pam_pkcs11/ldap_mapper.so /usr/lib/pam_pkcs11/opensc_mapper.so /usr/lib/pam_pkcs11/openssh_mapper.so /usr/lib/systemd/system/pkcs11_eventmgr.service /usr/sbin/rcpkcs11_eventmgr /usr/share/doc/packages/pam_pkcs11 /usr/share/doc/packages/pam_pkcs11/AUTHORS /usr/share/doc/packages/pam_pkcs11/COPYING /usr/share/doc/packages/pam_pkcs11/ChangeLog /usr/share/doc/packages/pam_pkcs11/ChangeLog.git /usr/share/doc/packages/pam_pkcs11/NEWS /usr/share/doc/packages/pam_pkcs11/README /usr/share/doc/packages/pam_pkcs11/README.autologin /usr/share/doc/packages/pam_pkcs11/README.mappers /usr/share/doc/packages/pam_pkcs11/README.md /usr/share/doc/packages/pam_pkcs11/TODO /usr/share/doc/packages/pam_pkcs11/card_eventmgr.conf.example /usr/share/doc/packages/pam_pkcs11/digest_mapping.example /usr/share/doc/packages/pam_pkcs11/mail_mapping.example /usr/share/doc/packages/pam_pkcs11/mappers_api.html /usr/share/doc/packages/pam_pkcs11/pam.d_login.example /usr/share/doc/packages/pam_pkcs11/pam_pkcs11.conf.example /usr/share/doc/packages/pam_pkcs11/pam_pkcs11.html /usr/share/doc/packages/pam_pkcs11/pkcs11_eventmgr.conf.example /usr/share/doc/packages/pam_pkcs11/subject_mapping.example /usr/share/locale/de/LC_MESSAGES/pam_pkcs11.mo /usr/share/locale/fr/LC_MESSAGES/pam_pkcs11.mo /usr/share/locale/it/LC_MESSAGES/pam_pkcs11.mo /usr/share/locale/nl/LC_MESSAGES/pam_pkcs11.mo /usr/share/locale/pl/LC_MESSAGES/pam_pkcs11.mo /usr/share/locale/pt_BR/LC_MESSAGES/pam_pkcs11.mo /usr/share/locale/ru/LC_MESSAGES/pam_pkcs11.mo /usr/share/locale/tr/LC_MESSAGES/pam_pkcs11.mo /usr/share/man/man1/card_eventmgr.1.gz /usr/share/man/man1/pkcs11_eventmgr.1.gz /usr/share/man/man1/pkcs11_inspect.1.gz /usr/share/man/man1/pkcs11_listcerts.1.gz /usr/share/man/man1/pkcs11_make_hash_link.1.gz /usr/share/man/man1/pkcs11_setup.1.gz /usr/share/man/man1/pklogin_finder.1.gz /usr/share/man/man8/pam_pkcs11.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 18:42:22 2024