ELSA-2017-2285

ELSA-2017-2285 - authconfig security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2017-08-07

Description


[6.2.8-30]
- do not use /usr and LIBDIR together (#1455233)

[6.2.8-29]
- update translations (#1449625)

[6.2.8-28]
- ignore PAM_IGNORE for pam_succeed_if so application do not fail in pam_setcred() (#1450425)

[6.2.8-27]
- fix typo in the patch for CVE-2017-7488 (#1441604)

[6.2.8-26]
- CVE-2017-7488 authconfig: Information leak when SSSD is used for authentication against remote server (#1441604)

[6.2.8-25]
- faillock: change preauth phase to required and fix arguments handling (#1334449)

[6.2.8-24]
- faillock: add preauth phase so the account is actually blocked (#1334449)

[6.2.8-23]
- sssd: do not write SSSD PAM if there is no sssd.conf present (#1443949)

[6.2.8-21]
- sssd: do not ask for password with smartcards (#1441374)

[6.2.8-20]
- sssd: catch NoServiceError exception (#1441549)

[6.2.8-19]
- Add pam_faillock support (#1334449)

[6.2.8-18]
- Add SSSD Smartcard support (#1378943)

[6.2.8-17]
- Enable SSSD authentication also for local users (#1329598)

[6.2.8-16]
- Note that SSSD configuration may change with --updateall (#1339434)

[6.2.8-15]
- change pam module location from /lib[64] to /usr/lib[64] (#1414494)


Related CVEs


CVE-2017-7488

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) authconfig-6.2.8-30.el7.src.rpm407597c3e02b9d1110e118cd3d819b02-
authconfig-6.2.8-30.el7.aarch64.rpm457b8b9d369fced156ffc6cfac4c9f84-
authconfig-gtk-6.2.8-30.el7.aarch64.rpm954c3c2ba9b74b456502c219f3b9b2fd-
Oracle Linux 7 (x86_64) authconfig-6.2.8-30.el7.src.rpm407597c3e02b9d1110e118cd3d819b02-
authconfig-6.2.8-30.el7.x86_64.rpmecf1c141c9454f9ab199fc64c73e5f31-
authconfig-gtk-6.2.8-30.el7.x86_64.rpm0eac1f6e5358299035760b063e067b26-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete