[El-errata] ELSA-2010-0891 Moderate: Oracle Linux 6 pam security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Feb 16 13:01:53 PST 2011
Oracle Linux Security Advisory ELSA-2010-0891
https://rhn.redhat.com/errata/RHSA-2010-0891.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
pam-1.1.1-4.el6_0.1.i686.rpm
pam-devel-1.1.1-4.el6_0.1.i686.rpm
x86_64:
pam-1.1.1-4.el6_0.1.i686.rpm
pam-1.1.1-4.el6_0.1.x86_64.rpm
pam-devel-1.1.1-4.el6_0.1.i686.rpm
pam-devel-1.1.1-4.el6_0.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/el6/SRPMS-updates/pam-1.1.1-4.el6_0.1.src.rpm
Description of changes:
[1.1.1-4.1]
- fix insecure dropping of priviledges in pam_xauth, pam_env,
and pam_mail - CVE-2010-3316 (#637898), CVE-2010-3435 (#641335)
- fix insecure executing of scripts with user supplied environment
variables in pam_namespace - CVE-2010-3853 (#643043)
More information about the El-errata
mailing list