-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 10 Feb 2025 21:06:21 +0100
Source: pam-pkcs11
Binary: libpam-pkcs11 libpam-pkcs11-dbgsym
Architecture: armhf
Version: 0.6.12-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 libpam-pkcs11 - Fully featured PAM module for using PKCS#11 smart cards
Closes: 1095402
Changes:
 pam-pkcs11 (0.6.12-1+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fixed possible authentication bypass: Don't return PAM_IGNORE
     (CVE-2025-24531) (Closes: #1095402)
   * fixed possible authentication bypass: Use signatures to verify
     authentication by default (CVE-2025-24032)
   * Update configuration files for the CVE-2025-24032 fix
Checksums-Sha1:
 a632c1cfead9e048c2e2e6e7b15a7dfec8188fe3 666180 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_armhf.deb
 54d013da1feeaa3e082ddf0d73bbed727fb98eab 128836 libpam-pkcs11_0.6.12-1+deb12u1_armhf.deb
 7e06267af0f31aff8e287807beac28591267f8ae 6830 pam-pkcs11_0.6.12-1+deb12u1_armhf-buildd.buildinfo
Checksums-Sha256:
 3475650be78181aeec90882844a2dcaccbd3831d6954231002478026b4dec62e 666180 libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_armhf.deb
 f94f1460b2bce64258a600b8781c67b6b9b99df855484cb13f999a6991b9ebbd 128836 libpam-pkcs11_0.6.12-1+deb12u1_armhf.deb
 1e3e9aea06494f0fdc96446ca1b29ffaa919795b101ebda39182ad0105e670d5 6830 pam-pkcs11_0.6.12-1+deb12u1_armhf-buildd.buildinfo
Files:
 75e42776504fd47f6aec7ba5cfb018e5 666180 debug optional libpam-pkcs11-dbgsym_0.6.12-1+deb12u1_armhf.deb
 f85a0fa7d3c0b9b3464e577a32570aae 128836 admin optional libpam-pkcs11_0.6.12-1+deb12u1_armhf.deb
 26b68d7cf16d304a9fcd5e3f0caf2914 6830 admin optional pam-pkcs11_0.6.12-1+deb12u1_armhf-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmbvtGd+QaAE2Bi5fsFgOvjtRcdMFAmeqZogACgkQsFgOvjtR
cdMDeQ/+Ndp9uVqU5CC/ftoqaWSzVvXUxykd1lTfrarSRmcWj2ExRYO+LNV1Fk7c
Hip4b/YXmgWjgJZq/34LmZ8gdGGfh4hrcsXBxb/6dzrt1cuUhA+U6cZ3CfSo0dou
YgUArZVunWoL4RD7gpIGaw1HVnjdiJeGjgXWgztsccwzFRK6cOJ0jbRuqHhTT/rZ
nbpiO7741IrgIj9EZedDPFKHlKeSLn3TY6p5D9Czm655Qbd+ElKoG4X+hbjdXgMx
GKGeYgieHLEeAOkdreifTAVbwt8JixkFa4s+C+L+WwtkA+yHQYShV+J9PZmbR6oM
cVnUm/D2YlQ7CfWhnrkbR/xz/Zhk/brIEKW8DnLyQBPa7U5kqffUiyLdNPA1DpCB
3CVsQkEKRpzndAQxi+HMGkEf+QrNhDZygb03X2lePRVTRxBIydorYSFstsVNKY8/
VRoVd70GZxrylQqny7Zcx+Ne9tyMmHC8DJfOxjBIQeoURTQQVWfWqp40jt/aaAUQ
WpfDKfCiIT/DNl/wV8tOsZ0GlcsWBz36OjH2vP4tWD2aPrLuBBEWWnFDbEq8ZeKP
YQhP+X9e9L1m4S07alcyK7nAiBZqtZEYVC7RQQRzG7EFtrQUdVP+66/KOhzDccT3
D6nyHEXOGdiSyfG1hu17ATIL+lIPCHvKmrCRGpFHO8idSlPe7HI=
=ViW3
-----END PGP SIGNATURE-----