-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 10 Feb 2025 21:06:21 +0100
Source: pam-pkcs11
Binary: libpam-pkcs11 libpam-pkcs11-dbgsym
Architecture: mipsel
Version: 0.6.12-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-03) <buildd_mips64el-mipsel-osuosl-03@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 libpam-pkcs11 - Fully featured PAM module for using PKCS#11 smart cards
Closes: 1095402
Changes:
 pam-pkcs11 (0.6.12-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fixed possible authentication bypass: Don't return PAM_IGNORE
     (CVE-2025-24531) (Closes: #1095402)
   * fixed possible authentication bypass: Use signatures to verify
     authentication by default (CVE-2025-24032)
   * Update configuration files for the CVE-2025-24032 fix
Checksums-Sha1:
 7640cdb9f605e870d65cb1113349bb58797a851f 708436 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_mipsel.deb
 e20ea6615fb62a7da33487a2fc742e4bade45ee1 141544 libpam-pkcs11_0.6.12-1+deb12u1_mipsel.deb
 811f21014838d5876b61bb2df3cfbba9157f3c50 6784 pam-pkcs11_0.6.12-1+deb12u1_mipsel-buildd.buildinfo
Checksums-Sha256:
 c2816caf7881c3e188f2eae22184eaf23bc23998d59f79a048382d2d42a8bd77 708436 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_mipsel.deb
 8755218999443297d2ca22afc9128b2cb32925525ce5a2a518be97d050451ebb 141544 libpam-pkcs11_0.6.12-1+deb12u1_mipsel.deb
 f223d903da1f729e60a22a107cbbffc43091fb5fca8dccbc2f6b1b5d82f1ca70 6784 pam-pkcs11_0.6.12-1+deb12u1_mipsel-buildd.buildinfo
Files:
 6befae606f2368463d747e900fce7706 708436 debug optional libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_mipsel.deb
 d0948e352400bdbf5442d3d7b5e0ab8a 141544 admin optional libpam-pkcs11_0.6.12-1+deb12u1_mipsel.deb
 d75ee5cfc94fde82450622af68316571 6784 admin optional pam-pkcs11_0.6.12-1+deb12u1_mipsel-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEunmvxaaGKuI+hxxClmZGXOM83t8FAmeqZ30ACgkQlmZGXOM8
3t8azA/+Nd8HJ/5+lfOq5czg1tEHFV0Bq9CbmseuDVLrYzHuIzwzOozqXqRcMQou
I+McYKtZMYPA4Z3s4+3MaPT/4UznY16lPiSVnNcpMszBuYgYgvO7xMW4UEDFzzFM
79M3Z0nS83sjFZp1tBROKAIHT/Scs3Os+hm+5d4+UL2hzsCGxTx/YWTuyRmAnYkM
5NabPgtizmpdhjiQiVrWxXWTRxBDHMP+ctJ2GPbMZRuoH/Ax8zySUgtC88HlcI4P
17mZpd1cA4MBNYGUhQ1LHOtfnwEJJcYMbGX5CrRhXtdmabUgDZDjtgb2NwovEp/o
8mZdH+z4fG6HGEEX/CT5b+mv1kGJl7uSmnEwOJjzVvyCJO6AVy9ERyVYu3IPCOLS
3EYB7aphExOpJJ4t8wNqYyza3cuIyx3eXlTOsIARJuIB5GaM9vsKsQWb7/WFnlEj
QJxAmPAgZjamxpX5d7ZVyh8ZoxQT780Sv985fqnmcrGon0LM5mCqLBtE0Lrd5/Ff
HRoHiNlFpC/n7QObBtIk0+/6uga2cuI62u3cp0f+OPW/qQqZtQTa5s/HHfNhQsEo
gyb3HV0sryu144TQLGq05SXs5iYgmpuRYcCzDrl5g7qqAhlWA3C5c1CoH6YBJvb6
pMSqL2M0/OsNMgPhcdKRHCMFZKjcHZFj9IuxB55mIegpftjkGmA=
=YgWG
-----END PGP SIGNATURE-----