mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-18 21:11:08 +02:00
8a585bd57a
Import sys-libs/pam 1.5.1 from upstream Gentoo, mainly to address CVE-2020-27780, a flaw in the way it handles empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate. https://github.com/linux-pam/linux-pam/issues/284 https://github.com/linux-pam/linux-pam/pull/300