Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 18.04/16.04: USN-4552-3 Moderate: Pam-Python Regression

ubuntu
Calendar Grey October 28, 2020
Dist Ubuntu Esm H88
Critical updates affecting Python libraries on Ubuntu 18.04 LTS and 16.04 LTS have surfaced. Users are advised to install the latest upgrades promptly.
USN-4552-1 and USN-4552-2 introduced a regression in Pam-python

Summary

USN-4552-1 and USN-4552-2 introduced a regression in Pam-python

Software Description:

- pam-python: Enables PAM modules to be written in Python

Details:

USN-4552-1 and USN-4552-2 fixed a vulnerability in Pam-python. The update

introduced a regression which prevented PAM modules written in Python from

importing python modules from site-specific directories.

We apologize for the inconvenience.

Original advisory details:

Malte Kraus discovered that Pam-python mishandled certain environment variables.

A local attacker could potentially use this vulnerability to execute programs

as root.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libpam-python                   1.0.6-1.1+deb10u1ubuntu0.1

Ubuntu 16.04 LTS:
  libpam-python                   1.0.4-1.1+deb8u1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4552-3

https://ubuntu.com/security/notices/USN-4552-1

CVE-2019-16729

October 28, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here