Oracle Linux 8: ELSA-2024-10379 critical pam security fix
oracle
December 5, 2024
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Summary
[1.3.1-36.0.1] - pam_limits: fix use after free in pam_sm_open_session [Orabug: 36272695] [1.3.1-36] - pam_access: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66242 [1.3.1-35] - pam_unix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves: RHEL-62877 - pam_access: always match local address and clarify LOCAL keyword behaviour. Resolves: RHEL-23018 - libpam: support long lines in service files. Resolves: RHEL-5051
Topics Covered
SRPMs
http://oss.oracle.com/ol8/SRPMS-updates//pam-1.3.1-36.0.1.el8_10.src.rpm
x86_64
pam-1.3.1-36.0.1.el8_10.i686.rpm pam-1.3.1-36.0.1.el8_10.x86_64.rpm pam-devel-1.3.1-36.0.1.el8_10.i686.rpm pam-devel-1.3.1-36.0.1.el8_10.x86_64.rpm
aarch64
pam-1.3.1-36.0.1.el8_10.aarch64.rpm pam-devel-1.3.1-36.0.1.el8_10.aarch64.rpm
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2024-10041
CVE-2024-10963
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!