https://linuxsecurity.com/advisories/archlinux?start=5 issued alert 17.12.2020 about ‘’… package pam before version 1.5.0-2 is vulnerable to authentication bypass.’’ This package pam version 1.5.0-1 is now in Manjaro official core sources. Removing of this pam package from PC requires removing of many other substantial packages.
Is there any info about fix to this vulnerability of pam?