Описание
ELSA-2023-7112: shadow-utils security and bug fix update (LOW)
[2:4.6-19]
- gpasswd: fix password leak. Resolves: #2215947
[2:4.6-18]
- Update patch to close label to reset libselinux state. Resolves: #1984740
- useradd: check if subid range exists for user. Resolves: #2012929
- find_new_[gu]id: Skip over IDs that are reserved for legacy reasons. Resolves: #1994269
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
shadow-utils
4.6-19.el8
shadow-utils-subid
4.6-19.el8
shadow-utils-subid-devel
4.6-19.el8
Oracle Linux x86_64
shadow-utils
4.6-19.el8
shadow-utils-subid
4.6-19.el8
shadow-utils-subid-devel
4.6-19.el8
Связанные CVE
Связанные уязвимости
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.
A flaw was found in shadow-utils. When asking for a new password, shad ...