USEFULL/gogs
1
0
Fork 0
mirror of https://github.com/gogs/gogs.git synced 2025-05-29 10:42:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: fix improper PAM authorization handling (#6819)

Browse Source 
Co-authored-by: Joe Chen <jc@unknwon.io>
This commit is contained in:
ysf 2022-03-08 13:02:01 +01:00 committed by GitHub
parent 242deca524
commit 940a7da9d1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -22,6 +22,7 @@ All notable changes to Gogs are documented in this file.
### Fixed ### Fixed
- _Security:_ Potential SSRF in repository migration. [#6754](https://github.com/gogs/gogs/issues/6754) - _Security:_ Potential SSRF in repository migration. [#6754](https://github.com/gogs/gogs/issues/6754)
- _Security:_ Improper PAM authorization handling. [#6810](https://github.com/gogs/gogs/issues/6810)
- Unable to use LDAP authentication on ARM machines. [#6761](https://github.com/gogs/gogs/issues/6761) - Unable to use LDAP authentication on ARM machines. [#6761](https://github.com/gogs/gogs/issues/6761)
### Removed ### Removed

8
internal/auth/pam/pam.go
View File

@ -25,6 +25,10 @@ func (c *Config) doAuth(login, password string) error {
if err != nil { if err != nil {
return err return err
} }
return t.Authenticate(0) err = t.Authenticate(0)
if err != nil {
return err
}
return t.AcctMgmt(0)
} }