0.6.4

dmulder released this 08 Oct 19:48

· 1777 commits to main since this release

52f1b6f

2024-08-10 - Himmelblau 0.6.4 Patch (Security)

Newer versions of Rust/LLVM would optimise-out a call to pam_get_user due to a library using const incorrectly on a pointer. This could result in a username not being set with an invalid fall through condition. In some cases this COULD CAUSE UNAUTHENTICATED system access.
- Affected versions: 0.5.3 through 0.6.1.

What's Changed

Bug in pam which needs defended against by @dmulder in #221
Stable 0.6.x Debian packaging fixes by @dmulder in #222

Full Changelog: 0.6.2...0.6.4

Contributors

dmulder

Assets 8