Debian Package Tracker

general

source: pam (source, libs)
version: 1.1.8-3.6
maintainer: Steve Langasek [DMD]
uploaders: Roger Leigh [DMD] – Sam Hartman [DMD]
arch: all any
std-ver: 3.9.8
VCS: Bazaar (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.3-7.1
oldstable: 1.1.8-3.1+deb8u2
stable: 1.1.8-3.6
testing: 1.1.8-3.6
unstable: 1.1.8-3.6

versioned links

1.1.3-7.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.8-3.1+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.8-3.6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libpam-cracklib
libpam-doc
libpam-modules
libpam-modules-bin
libpam-runtime
libpam0g
libpam0g-dev

action needed

A new upstream version is available: 1.3.0

high

A new upstream version 1.3.0 is available, you should consider packaging it.

Created: 2017-01-17 Last update: 2017-07-28 06:18

Depends on packages which need a new maintainer

normal

The packages that pam depends on which need a new maintainer are:

docbook-xsl (#802370)
- Build-Depends: docbook-xsl
docbook-xml (#802368)
- Build-Depends: docbook-xml

Created: 2015-10-20 Last update: 2017-07-28 06:23

15 bugs tagged patch in the BTS

normal

The BTS contains patches fixing 15 bugs (17 if counting merged bugs), consider including or untagging them.

Created: 2017-01-17 Last update: 2017-07-28 06:03

lintian reports 2 warnings

normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2014-07-03 Last update: 2016-06-03 00:51

Multiarch hinter reports 1 issue(s)

low

There are issues with the multiarch metadata for this package.

libpam-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2017-07-28 06:28

3 ignored security issues in wheezy

low

There are 3 open security issues in wheezy.

3 issues skipped by the security teams:

CVE-2014-2583: Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.
CVE-2013-7041: The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.
CVE-2015-3238: The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.

Please fix them.

Created: 2015-07-12 Last update: 2017-06-18 08:29

Build log checks report 1 warning

low

Build log checks report 1 warning

Created: 2014-07-02 Last update: 2014-07-02 18:05

news

[rss feed]

[2017-06-02] pam 1.1.8-3.6 MIGRATED to testing (Debian testing watch)
[2017-05-27] Accepted pam 1.1.8-3.6 (source) into unstable (Adrian Bunk)
[2017-01-15] pam 1.1.8-3.5 MIGRATED to testing (Debian testing watch)
[2017-01-04] Accepted pam 1.1.8-3.5 (source) into unstable (Adam Borowski) (signed by: Christoph Berg)
[2016-12-31] pam 1.1.8-3.4 MIGRATED to testing (Debian testing watch)
[2016-12-20] Accepted pam 1.1.8-3.4 (source) into unstable (Adam Borowski)
[2016-11-13] Accepted pam 1.1.8-3.1+deb8u2 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Evgeni Golov)
[2016-06-07] pam 1.1.8-3.3 MIGRATED to testing (Debian testing watch)
[2016-06-02] Accepted pam 1.1.8-3.3 (source amd64 all) into unstable (Laurent Bigonville)
[2016-01-12] pam 1.1.8-3.2 MIGRATED to testing (Debian testing watch)
[2016-01-09] Accepted pam 1.1.8-3.1+deb8u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Tianon Gravi)
[2016-01-07] Accepted pam 1.1.8-3.2 (source) into unstable (Tianon Gravi)
[2014-08-28] pam 1.1.8-3.1 MIGRATED to testing (Britney)
[2014-08-25] Accepted pam 1.1.8-3.1 (source amd64 all) into unstable (Michael Gilbert)
[2014-04-18] pam 1.1.8-3 MIGRATED to testing (Debian testing watch)
[2014-04-08] Accepted pam 1.1.8-3 (source amd64 all) (Steve Langasek)
[2014-02-19] pam 1.1.8-2 MIGRATED to testing (Debian testing watch)
[2014-02-13] Accepted pam 1.1.8-2 (source amd64 all) (Steve Langasek)
[2014-01-16] Accepted pam 1.1.8-1 (source amd64 all) (Steve Langasek)
[2014-01-14] Accepted pam 1.1.3-11 (source amd64 all) (Steve Langasek)
[2013-10-21] Accepted pam 1.1.3-10 (source amd64 all) (Steve Langasek)
[2013-05-05] pam 1.1.3-9 MIGRATED to testing (Debian testing watch)
[2013-02-12] Accepted pam 1.1.3-9 (source amd64 all) (Steve Langasek)
[2013-02-12] Accepted pam 1.1.3-8 (source amd64 all) (Steve Langasek)
[2012-05-15] pam 1.1.3-7.1 MIGRATED to testing (Debian testing watch)
[2012-05-04] Accepted pam 1.1.3-7.1 (source all amd64) (Michael Gilbert)
[2012-02-08] pam 1.1.3-7 MIGRATED to testing (Debian testing watch)
[2012-01-28] Accepted pam 1.1.3-7 (source all amd64) (Steve Langasek)
[2011-11-17] pam 1.1.3-6 MIGRATED to testing (Debian testing watch)
[2011-11-07] Accepted pam 1.1.3-6 (source all amd64) (Steve Langasek)

bugs [bug history graph]

all: 93 98
RC: 0
I&N: 50 54
M&W: 43 44
F&P: 0

links

homepage
lintian (0, 2)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.1.8-3.2ubuntu3
50 bugs (8 patches)
patches for 1.1.8-3.2ubuntu3