drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in pam_pkcs11
Name: |
Mehrere Probleme in pam_pkcs11 |
|
ID: |
SUSE-SU-2018:3290-1 |
|
Distribution: |
SUSE |
|
Plattformen: |
SUSE Linux Enterprise Module for Basesystem 15 |
|
Datum: |
Mo, 22. Oktober 2018, 23:04 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
pam_pkcs11 |
|
Originalnachricht |
SUSE Security Update: Security update for pam_pkcs11 ______________________________________________________________________________
Announcement ID: SUSE-SU-2018:3290-1 Rating: moderate References: #1105012 Affected Products: SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for pam_pkcs11 fixes the following security issues:
- It was possible to replay an authentication by using a specially prepared smartcard or token (bsc#1105012) - Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes (bsc#1105012) - Memory not cleaned properly before free() (bsc#1105012)
This non-security issue was fixed:
- Fix segfault and fetch problems when checking CRLs
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Basesystem 15:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2374=1
Package List:
- SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):
pam_pkcs11-0.6.9-3.3.3 pam_pkcs11-debuginfo-0.6.9-3.3.3 pam_pkcs11-debugsource-0.6.9-3.3.3
- SUSE Linux Enterprise Module for Basesystem 15 (x86_64):
pam_pkcs11-32bit-0.6.9-3.3.3 pam_pkcs11-32bit-debuginfo-0.6.9-3.3.3
References:
https://bugzilla.suse.com/1105012
_______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates
|
|
|
|