[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Source Code One Line Change [patch] and Copyright holder

This is the default and proposed installation in the README file. Many many people claim until now (I have received plenty of email's!!!) that they use this installation and could never imagine that there was such a bug for more than a year now. Another guy reported that he has installed pam_yubico module to more than 130 CentOS server's and you could easily imagine what the consequences will be if someone has discovered the bug and solely used it for his own profit.


> ]] "Nanakos V. Chrysostomos"
> | Authentication succeeded when no password
> | was given, unless use_first_pass was being used.
> | This is fatal if pam_yubico is considered 'sufficient' in the PAM
> | configuration.
> It also requires you to use the client mode (which is the default) and not
> the challenge
> response mode, which explains why I couldn't reproduce your issue.
> --
> Tollef Fog Heen
> UNIX is user friendly, it's just picky about who its friends are
> --
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> Archive:
> http://lists.debian.org/[🔎] 87r548qnp0.fsf@qurzaw.varnish-software.com

Reply to: