Move to the latest release of linux-pam. This allows us to remove
a number of patches and consolidate the existing ones :
- 0001-configure.patch
- 0007-rhosts.patch
these two patches deal with the ruserok function, which is not
usable with uclibc. Consolidated into
0002-Conditionally-compile-per-ruserok-availability.patch.
- 0003-group.patch
- 0005-succeed.patch
- 0006-time.patch
these three patches deal with the innetgr function, which is not
usable with uclibc. Consolidated into
0003-Conditionally-compile-per-innetgr-availability.patch.
- 0004-mkdir.patch
Fixed in upstream, no longer required.
- 0002-doc-makefile-am.patch
renamed to 0001-doc-makefile-am.patch.
- 0008-fix-CVE-2014-2583.patch
- 0009-fix-CVE-2013-7041.patch
These patches are already included in the new release and so
can be safely deleted.
Signed-off-by: Brendan Heading <brendanheading@gmail.com>
Tested-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To fix:
CVE-2013-7041 - use case sensitive comparison in pam_userdb
CVE-2014-2583 - potential path traversal issue in pam_timestamp
Also add hash file (computed, the hash files upstream cover up to 1.1.7)
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
