You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa pam

Sigurnosni nedostatak programskog paketa pam

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2015-06-27 09:58:16

Name : pam
Product : Fedora 21
Version : 1.1.8
Release : 19.fc21
Summary : An extensible library which provides authentication for applications
Description :
PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policy without
having to recompile programs that handle authentication.

Update Information:

Update fixing a minor security issue CVE-2015-3238.


* Fri Jun 26 2015 Tomáš Mráz <> 1.1.8-19
– fix CVE-2015-3238 – minor security issue when handling long passwords
* Fri Oct 17 2014 Tomáš Mráz <> 1.1.8-18
– use USER_MGMT type for auditing in the pam_tally2 and faillock
apps (#1151576)
* Thu Sep 11 2014 Tomáš Mráz <> 1.1.8-17
– update the audit-grantor patch with the upstream changes
– pam_userdb: correct the example in man page (#1078784)
– pam_limits: check whether the utmp login entry is valid (#1080023)
– pam_console_apply: do not print error if console.perms.d is empty
– pam_limits: nofile refers to open file descriptors (#1111220)
– apply PIE and full RELRO to all binaries built

[ 1 ] Bug #1228571 – CVE-2015-3238 pam: DoS/user enumeration due to blocking pipe in pam_unix module

This update can be installed with the “yum” update program. Use
su -c ‘yum update pam’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarijo Plepelic
Cert idNCERT-REF-2015-07-0006-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa chrony

Otkriveni su sigurnosni nedostaci u programskom paketu chrony. Otkriveni nedostaci potencijalnim napadačima omogućuju pokretanje proizvoljnog programskog koda i izvođenje napada...