pam_pkcs11-0.6.13-1.1 RPM for riscv64

From OpenSuSE Ports Tumbleweed for riscv64

This Linux PAM module allows X.509 a certificate-based user
authentication. The certificate and its dedicated private key are
thereby accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA certificates
as well as online or locally accessible CRLs are used.

Additionally, the package includes pam_pkcs11-related tools:

* pkcs11_eventmgr: Generates actions on card insert, removal, or
  time-out events

* pklogin_finder: Gets the login name that maps to a certificate

* pkcs11_inspect: Inspects the contents of a certificate

* make_hash_links: Creates hash link directories for storing CAs and
CRLs

Provides

• pam_pkcs11
• config(pam_pkcs11)
• pam_pkcs11(riscv-64)

Requires

• /bin/bash
• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• config(pam_pkcs11) = 0.6.13-1.1
• ld-linux-riscv64-lp64d.so.1()(64bit)
• ld-linux-riscv64-lp64d.so.1(GLIBC_2.27)(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.27)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libcurl.so.4()(64bit)
• libldap.so.2()(64bit)
• libldap.so.2(OPENLDAP_2.200)(64bit)
• libnspr4.so()(64bit)
• libnss3.so()(64bit)
• libnss3.so(NSS_3.10)(64bit)
• libnss3.so(NSS_3.2)(64bit)
• libnss3.so(NSS_3.3)(64bit)
• libnss3.so(NSS_3.4)(64bit)
• libnss3.so(NSS_3.6)(64bit)
• libnss3.so(NSS_3.7)(64bit)
• libnss3.so(NSS_3.8)(64bit)
• libnss3.so(NSS_3.9.2)(64bit)
• libnss3.so(NSS_3.9.3)(64bit)
• libpam.so.0()(64bit)
• libpam.so.0(LIBPAM_1.0)(64bit)
• libpam.so.0(LIBPAM_EXTENSION_1.0)(64bit)
• libpcsclite.so.1()(64bit)
• libplc4.so()(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• systemd
• systemd
• systemd
• systemd

License

LGPL-2.1-or-later

Changelog

* Thu Feb 06 2025 Angel Yankov <angel.yankov@suse.com>
  - Update to 0.6.13
    * Added pkcs11-eventmgr systemd service unit.
    * Updated Russian translations for pam_pkcs11 (thx Max Kosmach      and Andrey Cherepanov).
    * Fixed possible authentication bypass (CVE-2025-24032):
    * Use signatures to verify authentication by default      (thx Frank Morgner).
    * Fixed possible authentication bypass (CVE-2025-24531):
    * Restoring the original card_only / wait_for_card behavior      (thx Matthias Gerstner, Frank Morgner).
    * Move pam_securetty.so upward in the example PAM config.
    * Set 'slot_num' configuration parameter to 0 by default     (thx Jpereyra316).
    * Print details about configuration parse errors (thx Jpereyra316).
    * Add Chinese (Simplified) translation.
    * Capitalize all PAM messages (thx Alynx Zhou).
    * Made pkcs11_make_hash_link support whitespaces in file names
    * Drop 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch
    * Drop 0001-memory-leak-fixes.patch
    * Rebase pam_pkcs11-0.5.3-nss-conf.patch
    * Rebase pam_pkcs11-0.6.0-nss-autoconf.patch
* Wed Jan 22 2025 Dominique Leuenberger <dimstar@opensuse.org>
  - Drop rcFOO symlinks for CODE16 (PED-266).
* Tue Sep 24 2024 Simon Vogl <simon.vogl@gmx.net>
  - Fix for boo#1230870:
    * Add patch 0001-memory-leak-fixes.patch
  - Add -Wno-implicit-function-declaration to CFLAGS to fix build
    with gcc14 and newer
* Tue May 07 2024 Davide Benini <davide.benini@suse.com>
  - Fix for bsc#1221255:
    * Add patch 0001-Set-slot_num-configuration-parameter-to-0-by-default.patch
* Thu Feb 29 2024 Dominique Leuenberger <dimstar@opensuse.org>
  - Use %autosetup macro. Allows to eliminate the usage of deprecated
    %patchN.
* Mon Jan 16 2023 Stefan Schubert <schubi@suse.com>
  - Migration of PAM settings to /usr/lib/pam.d.
* Fri Jul 29 2022 pgajdos@suse.com
  -  use pam rpm macros [bsc#1190957]
* Sat Jan 15 2022 Andreas Stieger <andreas.stieger@gmx.de>
  - update to 0.6.12:
    * Limit signature length to 65536 bytes
    * A number of bug fixes and OpenSSL compatibility updates
    * console output color updates
    * Add support of ECDSA signature in addition to RSA
* Thu Oct 14 2021 Johannes Segitz <jsegitz@suse.com>
  - Added hardening to systemd service(s) (bsc#1181400). Modified:
    * pkcs11_eventmgr.service
* Tue Jan 29 2019 sbrabec@suse.com
  - Update to version 0.6.10:
    * Fix some security issues (thx @frankmorgner):
      https://www.x41-dsec.de/lab/advisories/x41-2018-003-pam_pkcs11/
      (drop 0001-verify-using-a-nonce-from-the-system-not-the-card.patch,
      0002-fixed-buffer-overflow-with-long-home-directory.patch,
      0003-fixed-wiping-secrets-with-OpenSSL_cleanse.patch).
    * Fix buffer overflow with long home directory.
    * Fix wiping secrets (now using OpenSSL_cleanse()).
    * Verify using a nonce from the system, not the card.
    * Fix segfalt when checking CRLs
      (drop pam_pkcs11-crl-check.patch).
  - Add rcpkcs11_eventmgr service symlink.

Files

/etc/pam_pkcs11
/etc/pam_pkcs11/cacerts
/etc/pam_pkcs11/card_eventmgr.conf
/etc/pam_pkcs11/crls
/etc/pam_pkcs11/pam_pkcs11.conf
/etc/pam_pkcs11/pkcs11_eventmgr.conf
/usr/bin/card_eventmgr
/usr/bin/pkcs11_eventmgr
/usr/bin/pkcs11_inspect
/usr/bin/pkcs11_listcerts
/usr/bin/pkcs11_make_hash_link
/usr/bin/pkcs11_setup
/usr/bin/pklogin_finder
/usr/lib/pam.d/common-auth-smartcard
/usr/lib/systemd/system/pkcs11_eventmgr.service
/usr/lib64/pam_pkcs11
/usr/lib64/pam_pkcs11/ldap_mapper.so
/usr/lib64/pam_pkcs11/opensc_mapper.so
/usr/lib64/pam_pkcs11/openssh_mapper.so
/usr/lib64/security/pam_pkcs11.so
/usr/share/doc/packages/pam_pkcs11
/usr/share/doc/packages/pam_pkcs11/AUTHORS
/usr/share/doc/packages/pam_pkcs11/COPYING
/usr/share/doc/packages/pam_pkcs11/ChangeLog
/usr/share/doc/packages/pam_pkcs11/ChangeLog.git
/usr/share/doc/packages/pam_pkcs11/NEWS
/usr/share/doc/packages/pam_pkcs11/README
/usr/share/doc/packages/pam_pkcs11/README.autologin
/usr/share/doc/packages/pam_pkcs11/README.mappers
/usr/share/doc/packages/pam_pkcs11/README.md
/usr/share/doc/packages/pam_pkcs11/TODO
/usr/share/doc/packages/pam_pkcs11/card_eventmgr.conf.example
/usr/share/doc/packages/pam_pkcs11/digest_mapping.example
/usr/share/doc/packages/pam_pkcs11/mail_mapping.example
/usr/share/doc/packages/pam_pkcs11/mappers_api.html
/usr/share/doc/packages/pam_pkcs11/pam.d_login.example
/usr/share/doc/packages/pam_pkcs11/pam_pkcs11.conf.example
/usr/share/doc/packages/pam_pkcs11/pam_pkcs11.html
/usr/share/doc/packages/pam_pkcs11/pkcs11_eventmgr.conf.example
/usr/share/doc/packages/pam_pkcs11/subject_mapping.example
/usr/share/locale/de/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/fr/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/it/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/nl/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/pl/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/pt_BR/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/ru/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/tr/LC_MESSAGES/pam_pkcs11.mo
/usr/share/locale/zh_CN/LC_MESSAGES/pam_pkcs11.mo
/usr/share/man/man1/card_eventmgr.1.gz
/usr/share/man/man1/pkcs11_eventmgr.1.gz
/usr/share/man/man1/pkcs11_inspect.1.gz
/usr/share/man/man1/pkcs11_listcerts.1.gz
/usr/share/man/man1/pkcs11_make_hash_link.1.gz
/usr/share/man/man1/pkcs11_setup.1.gz
/usr/share/man/man1/pklogin_finder.1.gz
/usr/share/man/man8/pam_pkcs11.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Feb 11 02:29:52 2025