diff options
Diffstat (limited to 'HISTORY')
| -rw-r--r-- | HISTORY | 25 |
1 files changed, 22 insertions, 3 deletions
@@ -1,3 +1,24 @@ +OpenPAM Ourouparia 2014-09-12 + + - ENHANCE: When executing a chain, require at least one service + function to succeed. This mitigates fail-open scenarios caused by + misconfigurations or missing modules. + + - ENHANCE: Make sure to overwrite buffers which may have contained an + authentication token when they're no longer needed. + + - BUGFIX: Under certain circumstances, specifying a non-existent + module (or misspelling the name of a module) in a policy could + result in a fail-open scenario. (CVE-2014-3879) + + - FEATURE: Add a search path for modules. This was implemented in + Nummularia but inadvertently left out of the release notes. + + - BUGFIX: The is_upper() predicate only accepted the letter A as an + upper-case character instead of the entire A-Z range. As a result, + service and module names containing upper-case letters other than A + would be rejected. +============================================================================ OpenPAM Nummularia 2013-09-07 - ENHANCE: Rewrite the dynamic loader to improve readability and @@ -97,7 +118,7 @@ OpenPAM Lycopsida 2011-12-18 module before loading it. - ENHANCE: added / improved input validation in many cases, including - the policy file and some function arguments. + the policy file and some function arguments. (CVE-2011-4122) ============================================================================ OpenPAM Hydrangea 2007-12-21 @@ -427,5 +448,3 @@ Fixed a number of bugs in the previous release, including: OpenPAM Calamite 2002-02-09 First (beta) release. -============================================================================ -$Id: HISTORY 737 2013-09-07 12:53:55Z des $ |