ELSA-2024-10379

ELSA-2024-10379 - pam security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2024-11-26

Description


[1.3.1-36.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36272695]

[1.3.1-36]
- pam_access: rework resolving of tokens as hostname.
Resolves: CVE-2024-10963 and RHEL-66242

[1.3.1-35]
- pam_unix: always run the helper to obtain shadow password file entries.
CVE-2024-10041. Resolves: RHEL-62877
- pam_access: always match local address and clarify LOCAL keyword behaviour.
Resolves: RHEL-23018
- libpam: support long lines in service files. Resolves: RHEL-5051


Related CVEs


CVE-2024-10963
CVE-2024-10041

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) pam-1.3.1-36.0.1.el8_10.src.rpmd6af61e9c32c0c98a63dcd9be97a0617-ol8_aarch64_baseos_latest
pam-1.3.1-36.0.1.el8_10.src.rpmd6af61e9c32c0c98a63dcd9be97a0617-ol8_aarch64_u10_baseos_patch
pam-1.3.1-36.0.1.el8_10.aarch64.rpmf7398e9d7538ef629f8ac5ac7c04f40c-ol8_aarch64_baseos_latest
pam-1.3.1-36.0.1.el8_10.aarch64.rpmf7398e9d7538ef629f8ac5ac7c04f40c-ol8_aarch64_u10_baseos_patch
pam-devel-1.3.1-36.0.1.el8_10.aarch64.rpm1813c2df84291cf938b27e2044fc79ce-ol8_aarch64_baseos_latest
pam-devel-1.3.1-36.0.1.el8_10.aarch64.rpm1813c2df84291cf938b27e2044fc79ce-ol8_aarch64_u10_baseos_patch
Oracle Linux 8 (x86_64) pam-1.3.1-36.0.1.el8_10.src.rpmd6af61e9c32c0c98a63dcd9be97a0617-ol8_x86_64_baseos_latest
pam-1.3.1-36.0.1.el8_10.src.rpmd6af61e9c32c0c98a63dcd9be97a0617-ol8_x86_64_u10_baseos_patch
pam-1.3.1-36.0.1.el8_10.i686.rpme3af732a7bec2a0d35a3f953cc65fd27-ol8_x86_64_baseos_latest
pam-1.3.1-36.0.1.el8_10.i686.rpme3af732a7bec2a0d35a3f953cc65fd27-ol8_x86_64_u10_baseos_patch
pam-1.3.1-36.0.1.el8_10.x86_64.rpm3b3b5cdc43682327867f625aadb22871-ol8_x86_64_baseos_latest
pam-1.3.1-36.0.1.el8_10.x86_64.rpm3b3b5cdc43682327867f625aadb22871-ol8_x86_64_u10_baseos_patch
pam-devel-1.3.1-36.0.1.el8_10.i686.rpm6dc344184032ca88941818d7c21bd25c-ol8_x86_64_baseos_latest
pam-devel-1.3.1-36.0.1.el8_10.i686.rpm6dc344184032ca88941818d7c21bd25c-ol8_x86_64_u10_baseos_patch
pam-devel-1.3.1-36.0.1.el8_10.x86_64.rpm966823840c6687a680b955608445a8cd-ol8_x86_64_baseos_latest
pam-devel-1.3.1-36.0.1.el8_10.x86_64.rpm966823840c6687a680b955608445a8cd-ol8_x86_64_u10_baseos_patch


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete