<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body bgcolor="#ffffff" text="#000000">
    <tt>Oracle Linux Security Advisory ELSA-2010-0819<br>
      <br>
      <a class="moz-txt-link-freetext"
        href="https://rhn.redhat.com/errata/RHSA-2010-0819.html">https://rhn.redhat.com/errata/RHSA-2010-0819.html</a><br>
      <br>
      The following updated rpms for Oracle Linux 5 have been uploaded
      to the Unbreakable Linux Network:<br>
      <br>
      i386:<br>
      pam-0.99.6.2-6.el5_5.2.i386.rpm<br>
      pam-devel-0.99.6.2-6.el5_5.2.i386.rpm<br>
      <br>
      x86_64:<br>
      pam-0.99.6.2-6.el5_5.2.i386.rpm<br>
      pam-0.99.6.2-6.el5_5.2.x86_64.rpm<br>
      pam-devel-0.99.6.2-6.el5_5.2.i386.rpm<br>
      pam-devel-0.99.6.2-6.el5_5.2.x86_64.rpm<br>
      <br>
      ia64:<br>
      pam-0.99.6.2-6.el5_5.2.i386.rpm<br>
      pam-0.99.6.2-6.el5_5.2.ia64.rpm<br>
      pam-devel-0.99.6.2-6.el5_5.2.ia64.rpm<br>
      <br>
      <br>
      SRPMS:<br>
      <a class="moz-txt-link-freetext"
href="http://oss.oracle.com/el5/SRPMS-updates/pam-0.99.6.2-6.el5_5.2.src.rpm">http://oss.oracle.com/el5/SRPMS-updates/pam-0.99.6.2-6.el5_5.2.src.rpm</a><br>
      <br>
      <br>
      Description of changes:<br>
      <br>
      [0.99.6.2-6.2]<br>
      - fix insecure dropping of priviledges in pam_xauth<br>
        and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335)<br>
      - fix insecure executing of scripts with user supplied environment<br>
        variables in pam_namespace - CVE-2010-3853 (#643043)</tt><br>
     <!-- This signature was generated by the MyDesktop Oracle Business Signature utility version 3.5.7 -->
  </body>
</html>