Oracle Linux Security Advisory ELSA-2024-11250

http://linux.oracle.com/errata/ELSA-2024-11250.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
pam-1.5.1-21.0.1.el9_5.i686.rpm
pam-1.5.1-21.0.1.el9_5.x86_64.rpm
pam-devel-1.5.1-21.0.1.el9_5.i686.rpm
pam-devel-1.5.1-21.0.1.el9_5.x86_64.rpm
pam-docs-1.5.1-21.0.1.el9_5.x86_64.rpm

aarch64:
pam-1.5.1-21.0.1.el9_5.aarch64.rpm
pam-devel-1.5.1-21.0.1.el9_5.aarch64.rpm
pam-docs-1.5.1-21.0.1.el9_5.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//pam-1.5.1-21.0.1.el9_5.src.rpm

Related CVEs:

CVE-2024-10041




Description of changes:

[1.5.1-21.0.1]
- pam_access: clean up the remote host matching code [Orabug: 36771903]
- pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]

[1.5.1-21]
- pam_unix: always run the helper to obtain shadow password file entries.
  CVE-2024-10041. Resolves: RHEL-62880

[1.5.1-20]
- libpam: support long lines in service files. Resolves: RHEL-40705

[1.5.1-19]
- pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS
  situations. CVE-2024-22365. Resolves: RHEL-21244

[1.5.1-18]
- libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727
- pam_access: handle hostnames in access.conf. Resolves: RHEL-22300

[1.5.1-17]
- pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943

[1.5.1-16]
- libpam: use close_range() to close file descriptors. Resolves: RHEL-5099
- fix formatting of audit messages. Resolves: RHEL-5100

[1.5.1-15]
- pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2215007


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle9: ELSA-2024-11250: pam security Moderate Security Advisory Updates

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[1.5.1-21.0.1] - pam_access: clean up the remote host matching code [Orabug: 36771903] - pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534] [1.5.1-21] - pam_unix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves: RHEL-62880 [1.5.1-20] - libpam: support long lines in service files. Resolves: RHEL-40705 [1.5.1-19] - pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21244 [1.5.1-18] - libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727 - pam_access: handle hostnames in access.conf. Resolves: RHEL-22300 [1.5.1-17] - pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943 [1.5.1-16] - libpam: use close_range() to close file descriptors. Resolves: RHEL-5099 - fix formatting of audit messages. Resolves: RHEL-5100 [1.5.1-15] - pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2215007

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates//pam-1.5.1-21.0.1.el9_5.src.rpm

x86_64

pam-1.5.1-21.0.1.el9_5.i686.rpm pam-1.5.1-21.0.1.el9_5.x86_64.rpm pam-devel-1.5.1-21.0.1.el9_5.i686.rpm pam-devel-1.5.1-21.0.1.el9_5.x86_64.rpm pam-docs-1.5.1-21.0.1.el9_5.x86_64.rpm

aarch64

pam-1.5.1-21.0.1.el9_5.aarch64.rpm pam-devel-1.5.1-21.0.1.el9_5.aarch64.rpm pam-docs-1.5.1-21.0.1.el9_5.aarch64.rpm

i386

Severity
Related CVEs: CVE-2024-10041

Related News

Parrot OS 6.3: Elevating Security with Enhanced Features & Tools
3 - 5 min read
Parrot OS 6.3 has just arrived , bringing crucial updates that security admins should note. This latest version of the popular secure Linux
Linux Kernel 6.14 Released: Top Security Features You Need to Know
3 - 6 min read
With the release of Linux kernel 6.14 , admins and Linux users have many new features and enhancements to look forward to - especially in the realm
Don
2 - 4 min read
Google recently issued a crucial Chrome update that those using a version of the browser prior to version 132.0.6834.110 should implement
Intel Brings Next-Level Security to Linux with Partner Security Engine
3 - 6 min read
Intel recently introduced a game-changer in hardware security with its new Partner Security Engine integrated into the Core Ultra Series 2. This
A Tiny Linux Kernel Tweak with Massive Implications for Datacenter Efficiency
3 - 6 min read
In a groundbreaking development, security researchers have introduced a small but mighty tweak to the Linux kernel that promises to cut data center
Best Practices for Securing Linux Systems Against Malicious Bots
3 - 6 min read
Linux systems have long been an indispensable asset to businesses and individuals alike. From running servers and cloud infrastructure to powering
Securing Open-Source Projects with Automated Testing on Linux
4 - 7 min read
Open-source project security testing focuses on many components, ensuring there are no safety vulnerabilities. These components include physical
KaOS Linux 2025.01: Merging Security with Practicality
3 - 6 min read
As the realm of Linux distribution expands, security admins find themselves faced with choosing a system that fits operational needs and upholds

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved