freebsd-skq

History

des e50db1d5c3 If the user-provided password exceeds the maximum password length, don't

bother passing it to crypt().  It won't succeed and may allow an attacker
to confirm that the user exists.

Reported by:	jkim@
MFC after:	1 week
Security:	CVE-2016-6210

2017-10-26 13:23:13 +00:00

libpam

Upgrade to OpenPAM Radula.

2017-02-20 00:56:46 +00:00

modules

If the user-provided password exceeds the maximum password length, don't

2017-10-26 13:23:13 +00:00

static_libpam

Use LDFLAGS rather than CFLAGS when linking.

2017-03-08 08:25:26 +00:00

Makefile

Simplify building libpam and fix libpam.a not containing the modules since r284345.

2016-04-14 01:17:03 +00:00

Makefile.inc

Replace _pam_verbose_error() with a macro. This was the last difference

2016-06-08 11:47:19 +00:00