Skip to content
Commit 996e854f authored by Michael Biebl's avatar Michael Biebl
Browse files

pam-systemd: Use secure_getenv() rather than getenv() 

Fixes a vulnerability in the systemd PAM module which insecurely uses
the environment and lacks seat verification permitting spoofing an
active session to PolicyKit.

CVE-2019-3842
parent b96b67ca
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment