Fedora 22: libuser Security Update
Summary
The libuser library implements a standardized interface for manipulating
and administering user and group accounts. The library uses pluggable
back-ends to interface to its data sources.
Sample applications modeled after those included with the shadow password
suite are included.
Update Information:
Security fix for CVE-2015-3245, CVE-2015-3246
Change Log
* Thu Jul 23 2015 Miloslav TrmaÄ
References
[ 1 ] Bug #1233043 - CVE-2015-3245 libuser does not filter newline characters in the GECOS field https://bugzilla.redhat.com/show_bug.cgi?id=1233043 [ 2 ] Bug #1233052 - CVE-2015-3246 libuser: Security flaw in handling /etc/passwd file https://bugzilla.redhat.com/show_bug.cgi?id=1233052
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update libuser' at the command line. For more information, refer to "Managing Software with yum", available at .