Описание
ELSA-2023-6632: shadow-utils security and bug fix update (LOW)
[2:4.9-8]
- gpasswd: fix password leak. Resolves: #2215948
[2:4.9-7]
- useradd: check if subid range exists for user. Resolves: #2179987
- find_new_[gu]id: Skip over IDs that are reserved for legacy reasons. Resolves: #2179988
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
shadow-utils
4.9-8.el9
shadow-utils-subid
4.9-8.el9
shadow-utils-subid-devel
4.9-8.el9
Oracle Linux x86_64
shadow-utils
4.9-8.el9
shadow-utils-subid
4.9-8.el9
shadow-utils-subid-devel
4.9-8.el9
Связанные CVE
Связанные уязвимости
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
A flaw was found in shadow-utils. When asking for a new password, shad ...