OVMSA-2015-0117 - pam security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2015-08-18 |
Description
[1.1.1-20.1]
- fix CVE-2015-3238 - DoS due to blocking pipe with very long password
[1.1.1-20]
- make pam_pwhistory and pam_unix tolerant of opasswd file corruption
[1.1.1-19]
- pam_userdb: allow any crypt hash algorithm to be used (#1119289)
[1.1.1-18]
- pam_cracklib: improve documentation (#889233)
- unbreak authentication if ld.so.preload is not empty
- correct off by one error in account expiration calculation (#947011)
- pam_console_apply: do not print error if console.perms.d is empty
- properly handle all cases where crypt() might return NULL (#1026203)
- pam_limits: clarify documentation of maxsyslogins limit (#1028490)
- pam_access: call DNS resolution only when necessary and cache
results (#1029817)
- pam_limits: nofile applies to file descriptors not files (#1040664)
- pam_limits: check whether the utmp login entry is valid (#1054936)
- correct URLs in spec file (#1071770)
- pam_userdb: correct the example in man page (#1078779)
- pam_selinux: canonicalize username for getseuser() (#1083981)
- pam_access: fix netgroup matching and @user@@netgroup parsing (#740233)
[1.1.1-17]
- pam_tty_audit: allow for runtime backwards compatibility with
old kernels
[1.1.1-15]
- add option to pam_tty_audit to disable auditing of password
input
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | pam-1.1.1-20.el6_7.1.src.rpm | ea97824ee12d99ca5a8fe4e6214d4f178fcb4d8d3909520574d9b69ef64617ad | OVMBA-2018-0154 | ovm3_x86_64_3.3_patch |
| pam-1.1.1-20.el6_7.1.x86_64.rpm | 2fd5b519c9fc208850e2014ad97d3c95ded875416baeed1f1b5a4fc19329e002 | OVMBA-2018-0154 | ovm3_x86_64_3.3_patch |
|
| Oracle VM 3.4 (x86_64) | pam-1.1.1-20.el6_7.1.src.rpm | ea97824ee12d99ca5a8fe4e6214d4f178fcb4d8d3909520574d9b69ef64617ad | OVMBA-2018-0154 | ovm34_x86_64_latest |
| pam-1.1.1-20.el6_7.1.x86_64.rpm | 2fd5b519c9fc208850e2014ad97d3c95ded875416baeed1f1b5a4fc19329e002 | OVMBA-2018-0154 | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
