Openwall - tcb

Very Low Activity

Commits : Listings

Analyzed 5 days ago based on code collected 5 days ago.

Commit Message	Contributor	Files Modified	Date
Showing page 1 of 4 Search / Filter on:
1.1: Changed the default hash encoding prefix from "$2a$" to "$2y$" (requires crypt_blowfish 1.2 or newer).	solar	More...	almost 2 years ago
Corrected the explanation of the purpose of the now-dropped sparse file check.	solar	More...	about 3 years ago
1.0.6: Dropped faulty check for sparse files in tcb_is_suspect().	Dmitry V. Levin as ldv	More...	about 3 years ago
Drop faulty check for sparse files in tcb_is_suspect()	Dmitry V. Levin as ldv	More...	about 3 years ago
1.0.5: Decrease the size of tcb_privs structure allocated in .data segment from 256K to a two dozen bytes by moving a groups array to .bss segment.	Dmitry V. Levin as ldv	More...	over 3 years ago
Decrease the size of tcb_privs structure allocated in .data segment from 256K to a two dozen bytes by moving a groups array to .bss segment.	Dmitry V. Levin as ldv	More...	over 3 years ago
1.0.4: - Fixed potential grpbuf buffer overflow in tcb_drop_priv_r(). There doesn't appear to be any untrusted user input involved, so this bug doesn't have to be treated as a security issue. - Patched Makefiles to use LDFLAGS more consistently. Reported by Paweł Hajdan.	Dmitry V. Levin as ldv	More...	over 3 years ago
Fixed potential grpbuf buffer overflow in tcb_drop_priv_r(). This function is expected to return -1 if the buffer in tcb_privs structure is not sufficiently large to store all supplementary groups, but it didn't. It treated 1st argument of getgroups(2) as the size of buffer in bytes, but according to specs it should be set to the size of buffer in items that can be stored there. To reproduce the bug, one has to build tcb with NGROUPS_MAX value lesser than the value defined in /proc/sys/kernel/ngroups_max, and set an appropriate (greater than NGROUPS_MAX) number of supplementary groups for the calling process. There doesn't appear to be any untrusted user input involved. Thus, this bug doesn't have to be treated as a security issue.	Dmitry V. Levin as ldv	More...	over 3 years ago
Use LDFLAGS more consistently. Reported by Paweł Hajdan, Jr. <phajdan.jr at gentoo.org>.	Dmitry V. Levin as ldv	More...	over 3 years ago
1.0.3:	Dmitry V. Levin as ldv	More...	about 4 years ago
Updated copyright for 2009 year	Dmitry V. Levin as ldv	More...	about 4 years ago
In the PAM module, added fflush(3) and fsync(2) calls right before	Dmitry V. Levin as ldv	More...	about 4 years ago
In the PAM module, replaced all calls to exit(3) in child processes	Dmitry V. Levin as ldv	More...	about 4 years ago
1.0.2:	Dmitry V. Levin as ldv	More...	over 6 years ago
In the PAM module, hardened pam_sm_open_session() to fail for unknown users.	Dmitry V. Levin as ldv	More...	about 7 years ago
Updated copyright for 2006 year.	Dmitry V. Levin as ldv	More...	about 7 years ago
Bumped syslog priorities of three pam_sm_chauthtok error messages.	Dmitry V. Levin as ldv	More...	over 7 years ago
Indented pam_prompt like the rest of the sources.	Dmitry V. Levin as ldv	More...	over 7 years ago
Updated copyrights for 2004 and 2005 years.	Dmitry V. Levin as ldv	More...	over 7 years ago
1.0:	Dmitry V. Levin as ldv	More...	over 7 years ago

Copyright ^© 2013 Black Duck Software, Inc. and its contributors, Some Rights Reserved. Unless otherwise marked, this work is licensed under a Creative Commons Attribution 3.0 Unported License . Ohloh ^® and the Ohloh logo are trademarks of Black Duck Software, Inc. in the United States and/or other jurisdictions. All other trademarks are the property of their respective holders.

Openwall - tcb

Commits : Listings

Project Summary

Code Data

SCM Data

Community Data