Описание
Security update for pam
This update for pam fixes the following issue:
Security issue fixed:
- CVE-2018-17953: Fixed IP address and subnet handling of pam_access.so that was not honoured correctly when a single host was specified (bsc#1115640).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
pam-1.3.0-6.6.1
pam-32bit-1.3.0-6.6.1
pam-devel-1.3.0-6.6.1
pam-doc-1.3.0-6.6.1
SUSE Linux Enterprise Module for Development Tools 15
pam-devel-32bit-1.3.0-6.6.1
Ссылки
- Link for SUSE-SU-2018:3965-1
- E-Mail link for SUSE-SU-2018:3965-1
- SUSE Security Ratings
- SUSE Bug 1115640
- SUSE CVE CVE-2018-17953 page
Описание
A incorrect variable in a SUSE specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open).
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:pam-1.3.0-6.6.1
SUSE Linux Enterprise Module for Basesystem 15:pam-32bit-1.3.0-6.6.1
SUSE Linux Enterprise Module for Basesystem 15:pam-devel-1.3.0-6.6.1
SUSE Linux Enterprise Module for Basesystem 15:pam-doc-1.3.0-6.6.1
Ссылки
- CVE-2018-17953
- SUSE Bug 1115640
- SUSE Bug 1197654