-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 10 Feb 2025 21:06:21 +0100 Source: pam-pkcs11 Binary: libpam-pkcs11 libpam-pkcs11-dbgsym Architecture: mipsel Version: 0.6.12-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: mipsel Build Daemon (mipsel-osuosl-03) Changed-By: Salvatore Bonaccorso Description: libpam-pkcs11 - Fully featured PAM module for using PKCS#11 smart cards Closes: 1095402 Changes: pam-pkcs11 (0.6.12-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Fixed possible authentication bypass: Don't return PAM_IGNORE (CVE-2025-24531) (Closes: #1095402) * fixed possible authentication bypass: Use signatures to verify authentication by default (CVE-2025-24032) * Update configuration files for the CVE-2025-24032 fix Checksums-Sha1: 7640cdb9f605e870d65cb1113349bb58797a851f 708436 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_mipsel.deb e20ea6615fb62a7da33487a2fc742e4bade45ee1 141544 libpam-pkcs11_0.6.12-1+deb12u1_mipsel.deb 811f21014838d5876b61bb2df3cfbba9157f3c50 6784 pam-pkcs11_0.6.12-1+deb12u1_mipsel-buildd.buildinfo Checksums-Sha256: c2816caf7881c3e188f2eae22184eaf23bc23998d59f79a048382d2d42a8bd77 708436 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_mipsel.deb 8755218999443297d2ca22afc9128b2cb32925525ce5a2a518be97d050451ebb 141544 libpam-pkcs11_0.6.12-1+deb12u1_mipsel.deb f223d903da1f729e60a22a107cbbffc43091fb5fca8dccbc2f6b1b5d82f1ca70 6784 pam-pkcs11_0.6.12-1+deb12u1_mipsel-buildd.buildinfo Files: 6befae606f2368463d747e900fce7706 708436 debug optional libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_mipsel.deb d0948e352400bdbf5442d3d7b5e0ab8a 141544 admin optional libpam-pkcs11_0.6.12-1+deb12u1_mipsel.deb d75ee5cfc94fde82450622af68316571 6784 admin optional pam-pkcs11_0.6.12-1+deb12u1_mipsel-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEunmvxaaGKuI+hxxClmZGXOM83t8FAmeqZ30ACgkQlmZGXOM8 3t8azA/+Nd8HJ/5+lfOq5czg1tEHFV0Bq9CbmseuDVLrYzHuIzwzOozqXqRcMQou I+McYKtZMYPA4Z3s4+3MaPT/4UznY16lPiSVnNcpMszBuYgYgvO7xMW4UEDFzzFM 79M3Z0nS83sjFZp1tBROKAIHT/Scs3Os+hm+5d4+UL2hzsCGxTx/YWTuyRmAnYkM 5NabPgtizmpdhjiQiVrWxXWTRxBDHMP+ctJ2GPbMZRuoH/Ax8zySUgtC88HlcI4P 17mZpd1cA4MBNYGUhQ1LHOtfnwEJJcYMbGX5CrRhXtdmabUgDZDjtgb2NwovEp/o 8mZdH+z4fG6HGEEX/CT5b+mv1kGJl7uSmnEwOJjzVvyCJO6AVy9ERyVYu3IPCOLS 3EYB7aphExOpJJ4t8wNqYyza3cuIyx3eXlTOsIARJuIB5GaM9vsKsQWb7/WFnlEj QJxAmPAgZjamxpX5d7ZVyh8ZoxQT780Sv985fqnmcrGon0LM5mCqLBtE0Lrd5/Ff HRoHiNlFpC/n7QObBtIk0+/6uga2cuI62u3cp0f+OPW/qQqZtQTa5s/HHfNhQsEo gyb3HV0sryu144TQLGq05SXs5iYgmpuRYcCzDrl5g7qqAhlWA3C5c1CoH6YBJvb6 pMSqL2M0/OsNMgPhcdKRHCMFZKjcHZFj9IuxB55mIegpftjkGmA= =YgWG -----END PGP SIGNATURE-----