Oracle Linux 9 ELSA-2024-11250 moderate: pam security update
oracle
December 20, 2024
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Summary
[1.5.1-21.0.1] - pam_access: clean up the remote host matching code [Orabug: 36771903] - pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534] [1.5.1-21] - pam_unix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves: RHEL-62880 [1.5.1-20] - libpam: support long lines in service files. Resolves: RHEL-40705 [1.5.1-19] - pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21244 [1.5.1-18] - libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727 - pam_access: handle hostnames in access.conf. Resolves: RHEL-22300 [1.5.1-17] - pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943 [1.5.1-16] - libpam: use close_range() to close file descriptors. Resolves: RHEL-5099 - fix formatting of audit messages. Resolves: RHEL-5100 [1.5.1-15] - pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2215007
SRPMs
http://oss.oracle.com/ol9/SRPMS-updates//pam-1.5.1-21.0.1.el9_5.src.rpm
x86_64
pam-1.5.1-21.0.1.el9_5.i686.rpm pam-1.5.1-21.0.1.el9_5.x86_64.rpm pam-devel-1.5.1-21.0.1.el9_5.i686.rpm pam-devel-1.5.1-21.0.1.el9_5.x86_64.rpm pam-docs-1.5.1-21.0.1.el9_5.x86_64.rpm
aarch64
pam-1.5.1-21.0.1.el9_5.aarch64.rpm pam-devel-1.5.1-21.0.1.el9_5.aarch64.rpm pam-docs-1.5.1-21.0.1.el9_5.aarch64.rpm
PREVIOUS
NEXT
Related CVEs:
CVE-2024-10041
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!