ELSA-2024-11250 - pam security update

Type: SECURITY
Impact: MODERATE
Release Date: 2024-12-19

Description


[1.5.1-21.0.1]
- pam_access: clean up the remote host matching code [Orabug: 36771903]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]

[1.5.1-21]
- pam_unix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves: RHEL-62880

[1.5.1-20]
- libpam: support long lines in service files. Resolves: RHEL-40705

[1.5.1-19]
- pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21244

[1.5.1-18]
- libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727
- pam_access: handle hostnames in access.conf. Resolves: RHEL-22300

[1.5.1-17]
- pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943

[1.5.1-16]
- libpam: use close_range() to close file descriptors. Resolves: RHEL-5099
- fix formatting of audit messages. Resolves: RHEL-5100

[1.5.1-15]
- pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2215007


Related CVEs


CVE-2024-10041

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 9 (aarch64) | pam-1.5.1-21.0.1.el9_5.src.rpm | 426a81cb97355ab39288c77f67d63125670c6dad8d84986c46d87706ac17a322 | - | ol9_aarch64_appstream |
| | pam-1.5.1-21.0.1.el9_5.src.rpm | 426a81cb97355ab39288c77f67d63125670c6dad8d84986c46d87706ac17a322 | - | ol9_aarch64_baseos_latest |
| | pam-1.5.1-21.0.1.el9_5.src.rpm | 426a81cb97355ab39288c77f67d63125670c6dad8d84986c46d87706ac17a322 | - | ol9_aarch64_u5_baseos_patch |
| | pam-1.5.1-21.0.1.el9_5.aarch64.rpm | 086bd7ce7927e46f912377384e1d1cebeb0f663ee946555f8f04e96e7838ad18 | - | ol9_aarch64_baseos_latest |
| | pam-1.5.1-21.0.1.el9_5.aarch64.rpm | 086bd7ce7927e46f912377384e1d1cebeb0f663ee946555f8f04e96e7838ad18 | - | ol9_aarch64_u5_baseos_patch |
| | pam-devel-1.5.1-21.0.1.el9_5.aarch64.rpm | cf43eacac5fb183625e582710771d0d9d206d9b47fb466cdcf1eb5db25280f10 | - | ol9_aarch64_appstream |
| | pam-docs-1.5.1-21.0.1.el9_5.aarch64.rpm | 8e325767675f8b612f74cac0628084f0f7d434e557db8d33682ba2b55740c40b | - | ol9_aarch64_appstream |
| Oracle Linux 9 (x86_64) | pam-1.5.1-21.0.1.el9_5.src.rpm | 426a81cb97355ab39288c77f67d63125670c6dad8d84986c46d87706ac17a322 | - | ol9_x86_64_appstream |
| | pam-1.5.1-21.0.1.el9_5.src.rpm | 426a81cb97355ab39288c77f67d63125670c6dad8d84986c46d87706ac17a322 | - | ol9_x86_64_baseos_latest |
| | pam-1.5.1-21.0.1.el9_5.src.rpm | 426a81cb97355ab39288c77f67d63125670c6dad8d84986c46d87706ac17a322 | - | ol9_x86_64_u5_baseos_patch |
| | pam-1.5.1-21.0.1.el9_5.i686.rpm | c1adb191ed684e461235a0c958193464e4fe315d92931b3549727309c666fe04 | - | ol9_x86_64_baseos_latest |
| | pam-1.5.1-21.0.1.el9_5.i686.rpm | c1adb191ed684e461235a0c958193464e4fe315d92931b3549727309c666fe04 | - | ol9_x86_64_u5_baseos_patch |
| | pam-1.5.1-21.0.1.el9_5.x86_64.rpm | 4e0cdbf8f3ca4062a8fa6692245fe5b1041e0819c8cf809619f8b10298d5e3c9 | - | ol9_x86_64_baseos_latest |
| | pam-1.5.1-21.0.1.el9_5.x86_64.rpm | 4e0cdbf8f3ca4062a8fa6692245fe5b1041e0819c8cf809619f8b10298d5e3c9 | - | ol9_x86_64_u5_baseos_patch |
| | pam-devel-1.5.1-21.0.1.el9_5.i686.rpm | d91018f24ff26392bbd9aa6809437b4b2bf63f3ba7700ec7e6fc3c03d04a4f81 | - | ol9_x86_64_appstream |
| | pam-devel-1.5.1-21.0.1.el9_5.x86_64.rpm | c6d16d81e540d0fd6810258647b5305d3e710d582f8c6b26f641ff92c0ed5496 | - | ol9_x86_64_appstream |
| | pam-docs-1.5.1-21.0.1.el9_5.x86_64.rpm | d816b5d69b6ab87a29321261c0e50ab08d9e2585eb8c9454db6787dc18eaa8d6 | - | ol9_x86_64_appstream |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.