[El-errata] ELSA-2010-0819 Moderate: Oracle Linux 5 pam security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Mon Nov 1 20:46:13 PDT 2010
Oracle Linux Security Advisory ELSA-2010-0819
https://rhn.redhat.com/errata/RHSA-2010-0819.html
The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:
i386:
pam-0.99.6.2-6.el5_5.2.i386.rpm
pam-devel-0.99.6.2-6.el5_5.2.i386.rpm
x86_64:
pam-0.99.6.2-6.el5_5.2.i386.rpm
pam-0.99.6.2-6.el5_5.2.x86_64.rpm
pam-devel-0.99.6.2-6.el5_5.2.i386.rpm
pam-devel-0.99.6.2-6.el5_5.2.x86_64.rpm
ia64:
pam-0.99.6.2-6.el5_5.2.i386.rpm
pam-0.99.6.2-6.el5_5.2.ia64.rpm
pam-devel-0.99.6.2-6.el5_5.2.ia64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/pam-0.99.6.2-6.el5_5.2.src.rpm
Description of changes:
[0.99.6.2-6.2]
- fix insecure dropping of priviledges in pam_xauth
and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335)
- fix insecure executing of scripts with user supplied environment
variables in pam_namespace - CVE-2010-3853 (#643043)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.oracle.com/pipermail/el-errata/attachments/20101101/c87936c1/attachment.html
More information about the El-errata
mailing list