Verified successfully on Focal with adsys 0.9.2~20.04. Marking as verification-done
** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: Fix Committed Bug description: [Impact] Memory leaks in adsys pam modules. [Test Plan] 1. Install SRU version of adsys 2. Login as an user 3. Ensure that you can still login successfully. [Where problems could occur] Login can be disabled due to the PAM module crashing. There is only one code path leading to that, so easy to detect. -------------- These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this. pam_adsys.c update_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to work but I don't think that's how that API is supposed to be used pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
