Fedora 22: FEDORA-2015-12301 Critical: Libuser DoS Threat
fedora
July 30, 2015
Security fix for CVE-2015-3245, CVE-2015-3246
Summary
The libuser library implements a standardized interface for manipulating
and administering user and group accounts. The library uses pluggable
back-ends to interface to its data sources.
Sample applications modeled after those included with the shadow password
suite are included.
Update Information:
Security fix for CVE-2015-3245, CVE-2015-3246
Topics Covered
Change Log
* Thu Jul 23 2015 Miloslav TrmaÄ
References
[ 1 ] Bug #1233043 - CVE-2015-3245 libuser does not filter newline characters in the GECOS field
https://bugzilla.redhat.com/show_bug.cgi?id=1233043
[ 2 ] Bug #1233052 - CVE-2015-3246 libuser: Security flaw in handling /etc/passwd file
https://bugzilla.redhat.com/show_bug.cgi?id=1233052
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update libuser' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: libuser
Product: Fedora 22
Version: 0.62
Release: 1.fc22
Summary: A user and group account administration library
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!