What Are You Looking For?

Sign Up
   SUSE Security Update: Security update for pam_pkcs11
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:3290-1
Rating:             moderate
References:         #1105012 
Affected Products:
                    SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for pam_pkcs11 fixes the following security issues:

   - It was possible to replay an authentication by using a specially
     prepared smartcard or token (bsc#1105012)
   - Prevent buffer overflow if a user has a home directory with a length of
     more than 512 bytes (bsc#1105012)
   - Memory not cleaned properly before free() (bsc#1105012)

   This non-security issue was fixed:

   - Fix segfault and fetch problems when checking CRLs


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Basesystem 15:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2374=1



Package List:

   - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):

      pam_pkcs11-0.6.9-3.3.3
      pam_pkcs11-debuginfo-0.6.9-3.3.3
      pam_pkcs11-debugsource-0.6.9-3.3.3

   - SUSE Linux Enterprise Module for Basesystem 15 (x86_64):

      pam_pkcs11-32bit-0.6.9-3.3.3
      pam_pkcs11-32bit-debuginfo-0.6.9-3.3.3


References:

   https://bugzilla.suse.com/1105012

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
https://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2018:3290-1 moderate: pam_pkcs11

October 22, 2018
An update that contains security fixes can now be installed

Summary

This update for pam_pkcs11 fixes the following security issues: - It was possible to replay an authentication by using a specially prepared smartcard or token (bsc#1105012) - Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes (bsc#1105012) - Memory not cleaned properly before free() (bsc#1105012) This non-security issue was fixed: - Fix segfault and fetch problems when checking CRLs Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-2374=1 Package List: - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): pam_pkcs11-0.6.9-3.3.3 pam_pkcs11-debuginfo-0.6.9-3.3.3 pam_pkcs11-debugsource-0.6.9-3.3.3 - SUSE Linux Enterprise Module for Basesystem 15 (x86_64): pam_pkcs11-32bit-0.6.9-3.3.3 pam_pkcs11-32bit-debuginfo-0.6.9-3.3.3

References

#1105012

Affected Products:

SUSE Linux Enterprise Module for Basesystem 15

https://bugzilla.suse.com/1105012

Severity
Announcement ID: SUSE-SU-2018:3290-1
Rating: moderate

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo