Mehrere Probleme in pam_pkcs11
ID: | SUSE-SU-2018:3311-1 |
Distribution: | SUSE |
Plattformen: | SUSE Linux Enterprise Desktop 12-SP3, SUSE Linux Enterprise Server 12-SP3 |
Datum: | Di, 23. Oktober 2018, 15:31 |
Referenzen: | Keine Angabe |
Applikationen: | pam_pkcs11 |
Originalnachricht |
|
SUSE Security Update: Security update for pam_pkcs11 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:3311-1 Rating: moderate References: #1049219 #1105012 Affected Products: SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for pam_pkcs11 provides the following fixes: Security issues fixed (bsc#1105012): - Fixed a logic bug in pampkcs11.c, leading to an authentication replay vulnerability - Fixed a stack-based buffer overflow in opensshmapper.c - Make sure memory is properly cleaned before invoking free() Other changes: - Add a systemd service file. (bsc#1049219) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2378=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-2378=1 Package List: - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): pam_pkcs11-0.6.8-7.5.1 pam_pkcs11-debuginfo-0.6.8-7.5.1 pam_pkcs11-debugsource-0.6.8-7.5.1 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): pam_pkcs11-32bit-0.6.8-7.5.1 pam_pkcs11-debuginfo-32bit-0.6.8-7.5.1 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): pam_pkcs11-0.6.8-7.5.1 pam_pkcs11-32bit-0.6.8-7.5.1 pam_pkcs11-debuginfo-0.6.8-7.5.1 pam_pkcs11-debuginfo-32bit-0.6.8-7.5.1 pam_pkcs11-debugsource-0.6.8-7.5.1 References: https://bugzilla.suse.com/1049219 https://bugzilla.suse.com/1105012 _______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates |