Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 39: 2023-96c21ed09c Critical Tacacs+ Authentication Issue

fedora
Calendar Grey October 9, 2023
Dist Fedora Esm H88
The recent Fedora 39 release improves security by addressing CVE-2023-45239 related to tacacs+, providing significant fixes for authentication loopholes.
Update to git snapshot 4fdf178 for CVE-2023-45239; Fixes: RHBZ#2242402

Summary

Tacacs+ (tac_plus) is a C daemon that authenticates requests via the Tacacs+

Protocol and logs accounting information.

This is a fork of Cisco + Shruberry's Tacacs+ daemons

(https://shrubbery.net/tac_plus/).

Update Information:

Update to git snapshot 4fdf178 for CVE-2023-45239; Fixes: RHBZ#2242402

Topics%20covered

Topics Covered

security advisory security update Fedora critical fix authentication issue tacacs

Change Log

* Thu Oct 5 2023 Davide Cavalca - F4.0.4.28.7fb~20231005g4fdf178-1 - Update to git snapshot 4fdf178 for CVE-2023-45239; Fixes: RHBZ#2242402

References


[ 1 ] Bug #2242402 - tacacs: CVE-2023-45239 https://bugzilla.redhat.com/show_bug.cgi?id=2242402

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-96c21ed09c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: tacacs
Product: Fedora 39
Version: F4.0.4.28.7fb~20231005g4fdf178
Release: 1.fc39
URL: https://github.com/facebook/tac_plus
Summary: Daemon to run AAA via TACACS+ Protocol via IPv4 and IPv6

Topics%20covered

Topics Covered

security advisory security update Fedora critical fix authentication issue tacacs

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here