-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 10 Feb 2025 21:06:21 +0100
Source: pam-pkcs11
Binary: libpam-pkcs11 libpam-pkcs11-dbgsym
Architecture: amd64
Version: 0.6.12-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 libpam-pkcs11 - Fully featured PAM module for using PKCS#11 smart cards
Closes: 1095402
Changes:
 pam-pkcs11 (0.6.12-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fixed possible authentication bypass: Don't return PAM_IGNORE
     (CVE-2025-24531) (Closes: #1095402)
   * fixed possible authentication bypass: Use signatures to verify
     authentication by default (CVE-2025-24032)
   * Update configuration files for the CVE-2025-24032 fix
Checksums-Sha1:
 f881732abc9e563608ff4cc1f87dbf27c39e4bc3 765576 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_amd64.deb
 01a4709274c813ac1a6ba3d54f8e33498b0ad7e4 150028 libpam-pkcs11_0.6.12-1+deb12u1_amd64.deb
 b97e5a5c3c786fa6c76d6893a0dca6f68a6f1498 6955 pam-pkcs11_0.6.12-1+deb12u1_amd64-buildd.buildinfo
Checksums-Sha256:
 7b2d31218c523d5272214592b08cc5b964c4a47639a67c7f7156bb009fc70137 765576 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_amd64.deb
 3c0de212db8bd5e2632af67c27d1eaefc0e5608a155dbafaf520765ad1fceea8 150028 libpam-pkcs11_0.6.12-1+deb12u1_amd64.deb
 a97f35a263004c5b3e7c06df80d6f3d9780338abf613efc82dea75173ec85e5a 6955 pam-pkcs11_0.6.12-1+deb12u1_amd64-buildd.buildinfo
Files:
 627202fa6c507b386e50f0f3586b62c3 765576 debug optional libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_amd64.deb
 657eac56e32d180df8822d7ff5087aee 150028 admin optional libpam-pkcs11_0.6.12-1+deb12u1_amd64.deb
 07ab70d607cbfb34f32df9de4ac7efa2 6955 admin optional pam-pkcs11_0.6.12-1+deb12u1_amd64-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEGBeuno8wiDXCewDuqqLQG5ksqMMFAmeqZgMACgkQqqLQG5ks
qMM39A//a740gE/aQd5vuqbrbtyz/MVQPNMfu8xUwrWUKt/7G0Sa4ZtPqSx+V126
BR9XcgGKXtr3pYRm34l/poprRJDGod7owT4qaz9NctiB2GGzSc5tPulDM7H2TGaR
5Ec5eLqGBFAIskcWytYzLfX4OEhO8KNb8IW8X/uDI22kVEOaYFzQlfiJ2iM64lCm
tjPBM2dddz15JGSJfpB+HKXmAUWlWs62P7in9ZfMvuR5WBcdo6xthpM7I7U55Mv7
OeneBjBQ0xaM6Q0mCLJRFfseh334nknFGZq9L5ACvqSFCknsXW5CS1aC4kVV4+eF
2HvMQVBcFksxb7AyzAaTAHvAWF+UI6FkflySaWxEf4iVOj7l6TF7JuMs6ndjvCMs
kt2cvXQQ2FDDoRnPMvkruBA8R6AA0XhZbeSJ0M4ItMcNRMs6nxy/d3G5GKyv/mAh
ImNEkHb2rmQh/D6WnNY8iuUYSI73p67uga6+lmBU2CsP0GoqOh5u5XZIafe6aj1k
NEjtrjDlLBrFvcaN5arcleFAsPbWE0/zsoaE9Ae11GWtpALba1ucNdatwoofwErZ
SdQH7NA7minQ86TlJs0q01X3A+bCfPZN+oBuLOMQa9dohG7NqKi3QBCGzsUe3gbJ
powhULXaEBBO57Bv8M1pyiMZCXrfkk2BrC03Vp1vKbuuRdDMA2k=
=6Obf
-----END PGP SIGNATURE-----