GNU bug report logs - #75640
[PATCH] gnu: Update pam-u2f to 3.1.2

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Lesik Edelweiss <lesikedelweiss <at> disroot.org>
Subject: bug#75640: closed (Re: [bug#75640] [PATCH] gnu: Update pam-u2f to
 3.1.2)
Date: Sat, 18 Jan 2025 14:30:05 +0000

[Message part 1 (text/plain, inline)]

Your bug report

#75640: [PATCH] gnu: Update pam-u2f to 3.1.2

which was filed against the guix-patches package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 75640 <at> debbugs.gnu.org.

-- 
75640: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=75640
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Hilton Chain <hako <at> ultrarare.space>
To: Lesik Edelweiss <lesikedelweiss <at> disroot.org>
Cc: 75640-done <at> debbugs.gnu.org, 75639-done <at> debbugs.gnu.org
Subject: Re: [bug#75640] [PATCH] gnu: Update pam-u2f to 3.1.2
Date: Sat, 18 Jan 2025 22:29:06 +0800

On Sat, 18 Jan 2025 06:33:46 +0800,
Lesik Edelweiss via Guix-patches via wrote:
> 
> This fixes the CVE-2025-23013
> 
> Change-Id: I4a7d37c25af38ff90bbae18adc0d4b145c7ad3c0
> ---
>  gnu/packages/security-token.scm | 32 +++++++++++++++-----------------
>  1 file changed, 15 insertions(+), 17 deletions(-)

Applied as c029eb43b4ff553bc2fa77ddd07c5a78da5fd8c9, thanks!

[Message part 3 (message/rfc822, inline)]

From: Lesik Edelweiss <lesikedelweiss <at> disroot.org>
To: guix-patches <at> gnu.org
Cc: Lesik Edelweiss <lesikedelweiss <at> disroot.org>
Subject: [PATCH] gnu: Update pam-u2f to 3.1.2
Date: Sat, 18 Jan 2025 00:33:46 +0200

This fixes the CVE-2025-23013

Change-Id: I4a7d37c25af38ff90bbae18adc0d4b145c7ad3c0
---
 gnu/packages/security-token.scm | 32 +++++++++++++++-----------------
 1 file changed, 15 insertions(+), 17 deletions(-)

diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index cb6746c028..f04dab6909 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -682,25 +682,23 @@ (define-public libu2f-server
 (define-public pam-u2f
   (package
     (name "pam-u2f")
-    (version "1.3.0")
-    (source (origin
-              (method git-fetch)
-              (uri
-               (git-reference
-                (url "https://github.com/Yubico/pam-u2f")
-                (commit (string-append "pam_u2f-" version))))
-              (file-name (git-file-name name version))
-              (sha256
-               (base32 "1swvys98mw7ailllgqicvhj315qajhvqrmm314cp3bj0l76s9qpv"))))
+    (version "1.3.2")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/Yubico/pam-u2f")
+             (commit (string-append "pam_u2f-" version))))
+       (file-name (git-file-name name version))
+       (sha256
+        (base32 "0528r0q3j1d6cb3dzh9vgagr8v2b2y5yylykr1cqjmg9hvp35a4i"))))
     (build-system gnu-build-system)
     (arguments
-     `(#:configure-flags
-       (list (string-append "--with-pam-dir="
-                            (assoc-ref %outputs "out") "/lib/security"))))
-    (inputs
-     (list libfido2 linux-pam openssl))
-    (native-inputs
-     (list asciidoc autoconf automake libtool pkg-config))
+     `(#:configure-flags (list (string-append "--with-pam-dir="
+                                              (assoc-ref %outputs "out")
+                                              "/lib/security"))))
+    (inputs (list libfido2 linux-pam openssl))
+    (native-inputs (list asciidoc autoconf automake libtool pkg-config))
     (home-page "https://developers.yubico.com/pam-u2f/")
     (synopsis "PAM module for U2F authentication")
     (description

base-commit: f0804b0c2253542e9f0e255fbf8dc5847bba919d
-- 
2.47.1

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.