ELSA-2024-10379

ULN >
Oracle Linux Errata repository >
ELSA-2024-10379

ELSA-2024-10379 - pam security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-11-26

Description

[1.3.1-36.0.1]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36272695]

[1.3.1-36]
- pam_access: rework resolving of tokens as hostname.
Resolves: CVE-2024-10963 and RHEL-66242

[1.3.1-35]
- pam_unix: always run the helper to obtain shadow password file entries.
CVE-2024-10041. Resolves: RHEL-62877
- pam_access: always match local address and clarify LOCAL keyword behaviour.
Resolves: RHEL-23018
- libpam: support long lines in service files. Resolves: RHEL-5051

Related CVEs

CVE-2024-10963

CVE-2024-10041

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	pam-1.3.1-36.0.1.el8_10.src.rpm	2e0f37f379af8372a46716477849cb4c82101863af4ef322101163a0d571f779	-	ol8_aarch64_baseos_latest
	pam-1.3.1-36.0.1.el8_10.src.rpm	2e0f37f379af8372a46716477849cb4c82101863af4ef322101163a0d571f779	-	ol8_aarch64_u10_baseos_patch
	pam-1.3.1-36.0.1.el8_10.aarch64.rpm	2f27e5a3e1945da279a1d070e8c08bf79dbfd628e43b1aff130b9e71ee52b3fb	-	ol8_aarch64_baseos_latest
	pam-1.3.1-36.0.1.el8_10.aarch64.rpm	2f27e5a3e1945da279a1d070e8c08bf79dbfd628e43b1aff130b9e71ee52b3fb	-	ol8_aarch64_u10_baseos_patch
	pam-devel-1.3.1-36.0.1.el8_10.aarch64.rpm	edd406eaad24dc3a198c0f3d90c45342afaeeaab04155243428b2aa93b341dff	-	ol8_aarch64_baseos_latest
	pam-devel-1.3.1-36.0.1.el8_10.aarch64.rpm	edd406eaad24dc3a198c0f3d90c45342afaeeaab04155243428b2aa93b341dff	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	pam-1.3.1-36.0.1.el8_10.src.rpm	2e0f37f379af8372a46716477849cb4c82101863af4ef322101163a0d571f779	-	ol8_x86_64_baseos_latest
	pam-1.3.1-36.0.1.el8_10.src.rpm	2e0f37f379af8372a46716477849cb4c82101863af4ef322101163a0d571f779	-	ol8_x86_64_u10_baseos_patch
	pam-1.3.1-36.0.1.el8_10.i686.rpm	8edca7ca22459e788e6c25a4ed688747b22bbbfcf6f25bf57b1535b0992e36b4	-	ol8_x86_64_baseos_latest
	pam-1.3.1-36.0.1.el8_10.i686.rpm	8edca7ca22459e788e6c25a4ed688747b22bbbfcf6f25bf57b1535b0992e36b4	-	ol8_x86_64_u10_baseos_patch
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_23.1.21.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_23.1.22.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_23.1.23.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_23.1.24.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_24.1.10.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_24.1.7.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_24.1.8.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_24.1.9.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_25.1.1.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_25.1.2.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	exadata_dbserver_25.1.3.0.0_x86_64_base
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	ol8_x86_64_baseos_latest
	pam-1.3.1-36.0.1.el8_10.x86_64.rpm	f95fdbdd0b0faa61fc13612557390b34c1d63454a5f31254ed62cf433920344f	-	ol8_x86_64_u10_baseos_patch
	pam-devel-1.3.1-36.0.1.el8_10.i686.rpm	6a153577e69308fc1c261de81281ae694c74bbc975a2a0690a4d39b470cc5ffc	-	ol8_x86_64_baseos_latest
	pam-devel-1.3.1-36.0.1.el8_10.i686.rpm	6a153577e69308fc1c261de81281ae694c74bbc975a2a0690a4d39b470cc5ffc	-	ol8_x86_64_u10_baseos_patch
	pam-devel-1.3.1-36.0.1.el8_10.x86_64.rpm	3656d552abbb8d90cbe90e29673c610b6a2d55b6e3401e3163ccbced95c19761	-	ol8_x86_64_baseos_latest
	pam-devel-1.3.1-36.0.1.el8_10.x86_64.rpm	3656d552abbb8d90cbe90e29673c610b6a2d55b6e3401e3163ccbced95c19761	-	ol8_x86_64_u10_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691