diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2015-06-22 14:53:01 +0200 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2015-06-22 14:53:01 +0200 |
| commit | e89d4c97385ff8180e6e81e84c5aa745daf28a79 (patch) | |
| tree | 17ef8bacb38a0f60a7476420ab62627cc8af440c /po/fa.po | |
| parent | f4fbbbcc52696d67ebe57ee8214fbbdf4c479dbc (diff) | |
| download | pam-e89d4c97385ff8180e6e81e84c5aa745daf28a79.tar.gz pam-e89d4c97385ff8180e6e81e84c5aa745daf28a79.tar.bz2 pam-e89d4c97385ff8180e6e81e84c5aa745daf28a79.zip | |
Release version 1.2.1
Security fix: CVE-2015-3238
If the process executing pam_sm_authenticate or pam_sm_chauthtok method
of pam_unix is not privileged enough to check the password, e.g.
if selinux is enabled, the _unix_run_helper_binary function is called.
When a long enough password is supplied (16 pages or more, i.e. 65536+
bytes on a system with 4K pages), this helper function hangs
indefinitely, blocked in the write(2) call while writing to a blocking
pipe that has a limited capacity.
With this fix, the verifiable password length will be limited to
PAM_MAX_RESP_SIZE bytes (i.e. 512 bytes) for pam_exec and pam_unix.
* NEWS: Update
* configure.ac: Bump version
* modules/pam_exec/pam_exec.8.xml: document limitation of password length
* modules/pam_exec/pam_exec.c: limit password length to PAM_MAX_RESP_SIZE
* modules/pam_unix/pam_unix.8.xml: document limitation of password length
* modules/pam_unix/pam_unix_passwd.c: limit password length
* modules/pam_unix/passverify.c: Likewise
* modules/pam_unix/passverify.h: Likewise
* modules/pam_unix/support.c: Likewise
Diffstat (limited to 'po/fa.po')
| -rw-r--r-- | po/fa.po | 22 |
1 files changed, 11 insertions, 11 deletions
@@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: Linux-PAM\n" "Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n" -"POT-Creation-Date: 2015-03-25 16:52+0100\n" +"POT-Creation-Date: 2015-06-22 14:16+0200\n" "PO-Revision-Date: 2011-11-30 11:56+0000\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: Persian (http://www.transifex.com/projects/p/fedora/language/" @@ -242,12 +242,12 @@ msgid "contains the user name in some form" msgstr "" #: modules/pam_cracklib/pam_cracklib.c:701 -#: modules/pam_unix/pam_unix_passwd.c:494 +#: modules/pam_unix/pam_unix_passwd.c:501 msgid "No password supplied" msgstr "" #: modules/pam_cracklib/pam_cracklib.c:701 -#: modules/pam_unix/pam_unix_passwd.c:494 +#: modules/pam_unix/pam_unix_passwd.c:501 msgid "Password unchanged" msgstr "" @@ -370,7 +370,7 @@ msgid "Unable to create and initialize directory '%s'." msgstr "" #: modules/pam_pwhistory/pam_pwhistory.c:217 -#: modules/pam_unix/pam_unix_passwd.c:515 +#: modules/pam_unix/pam_unix_passwd.c:522 msgid "Password has been already used. Choose another." msgstr "" @@ -540,31 +540,31 @@ msgstr[0] "" msgid "Warning: your password will expire in %d days" msgstr "" -#: modules/pam_unix/pam_unix_passwd.c:396 +#: modules/pam_unix/pam_unix_passwd.c:403 msgid "NIS password could not be changed." msgstr "" -#: modules/pam_unix/pam_unix_passwd.c:511 +#: modules/pam_unix/pam_unix_passwd.c:518 msgid "You must choose a longer password" msgstr "" -#: modules/pam_unix/pam_unix_passwd.c:618 +#: modules/pam_unix/pam_unix_passwd.c:625 #, c-format msgid "Changing password for %s." msgstr "" -#: modules/pam_unix/pam_unix_passwd.c:629 +#: modules/pam_unix/pam_unix_passwd.c:636 msgid "(current) UNIX password: " msgstr "" -#: modules/pam_unix/pam_unix_passwd.c:664 +#: modules/pam_unix/pam_unix_passwd.c:671 msgid "You must wait longer to change your password" msgstr "" -#: modules/pam_unix/pam_unix_passwd.c:724 +#: modules/pam_unix/pam_unix_passwd.c:731 msgid "Enter new UNIX password: " msgstr "" -#: modules/pam_unix/pam_unix_passwd.c:725 +#: modules/pam_unix/pam_unix_passwd.c:732 msgid "Retype new UNIX password: " msgstr "" |