An authentication bypass issue was found in pam 1.5.0. Nonexistent users could authenticate if the root password was empty.
An authentication bypass issue was found in pam 1.5.0. Nonexistent users could authenticate if the root password was empty.
https://github.com/linux-pam/linux-pam/blob/5b7ba35ebfd280c931933fedbf98cb7f4a8846f2/NEWS#L4-L5 https://github.com/linux-pam/linux-pam/pull/300 https://github.com/linux-pam/linux-pam/commit/30fdfb90d9864bcc254a62760aaa149d373fd4eb