Описание
ELSA-2017-2285: authconfig security, bug fix, and enhancement update (MODERATE)
[6.2.8-30]
- do not use /usr and LIBDIR together (#1455233)
[6.2.8-29]
- update translations (#1449625)
[6.2.8-28]
- ignore PAM_IGNORE for pam_succeed_if so application do not fail in pam_setcred() (#1450425)
[6.2.8-27]
- fix typo in the patch for CVE-2017-7488 (#1441604)
[6.2.8-26]
- CVE-2017-7488 authconfig: Information leak when SSSD is used for authentication against remote server (#1441604)
[6.2.8-25]
- faillock: change preauth phase to required and fix arguments handling (#1334449)
[6.2.8-24]
- faillock: add preauth phase so the account is actually blocked (#1334449)
[6.2.8-23]
- sssd: do not write SSSD PAM if there is no sssd.conf present (#1443949)
[6.2.8-21]
- sssd: do not ask for password with smartcards (#1441374)
[6.2.8-20]
- sssd: catch NoServiceError exception (#1441549)
[6.2.8-19]
- Add pam_faillock support (#1334449)
[6.2.8-18]
- Add SSSD Smartcard support (#1378943)
[6.2.8-17]
- Enable SSSD authentication also for local users (#1329598)
[6.2.8-16]
- Note that SSSD configuration may change with --updateall (#1339434)
[6.2.8-15]
- change pam module location from /lib[64] to /usr/lib[64] (#1414494)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
authconfig
6.2.8-30.el7
authconfig-gtk
6.2.8-30.el7
Oracle Linux x86_64
authconfig
6.2.8-30.el7
authconfig-gtk
6.2.8-30.el7
Связанные CVE
Связанные уязвимости
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.