Add 'Errata 2023 06 27 b'

2023-06-26 18:58:14 +00:00 · 2023-06-26 18:58:14 +00:00 · d9076444f0
parent 54602f2076
commit d9076444f0
1 changed files with 26 additions and 0 deletions
--- a/Errata-2023-06-27-b.md
+++ b/Errata-2023-06-27-b.md
@ -0,0 +1,26 @@
+## Errata: 
+
+ Date:: 2023-06-27
+
+ Affects:: All releases prior to [Ximenia](Releases-Ximenia)
+
+ Description:: If the template ends in a `%` character, `openpam_subst(3)` will read past the end.
+
+ Workaround:: None.
+
+ Fix:: Upgrade to [OpenPAM Ximenia](Releases-Ximenia).  If you are unable or unwilling to upgrade, apply the following patch:
+
+```
+--- lib/libpam/openpam_subst.c.orig
+++ lib/libpam/openpam_subst.c
+@@ -104,7 +104,8 @@ openpam_subst(const pam_handle_t *pamh,
+                                subst_char('%');
+                                subst_char(*template);
+                        }
+-                       ++template;
+                       if (*template)
+                               ++template;
+                } else {
+                        subst_char(*template++);
+                }
+```