[El-errata] ELSA-2017-2285 Moderate: Oracle Linux 7 authconfig security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Aug 8 13:54:38 PDT 2017


Oracle Linux Security Advisory ELSA-2017-2285

http://linux.oracle.com/errata/ELSA-2017-2285.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
authconfig-6.2.8-30.el7.x86_64.rpm
authconfig-gtk-6.2.8-30.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/authconfig-6.2.8-30.el7.src.rpm



Description of changes:

[6.2.8-30]
- do not use /usr and LIBDIR together (#1455233)

[6.2.8-29]
- update translations (#1449625)

[6.2.8-28]
- ignore PAM_IGNORE for pam_succeed_if so application do not fail in 
pam_setcred() (#1450425)

[6.2.8-27]
- fix typo in the patch for CVE-2017-7488 (#1441604)

[6.2.8-26]
- CVE-2017-7488 authconfig: Information leak when SSSD is used for 
authentication against remote server (#1441604)

[6.2.8-25]
- faillock: change preauth phase to required and fix arguments handling 
(#1334449)

[6.2.8-24]
- faillock: add preauth phase so the account is actually blocked (#1334449)

[6.2.8-23]
- sssd: do not write SSSD PAM if there is no sssd.conf present (#1443949)

[6.2.8-21]
- sssd: do not ask for password with smartcards (#1441374)

[6.2.8-20]
- sssd: catch NoServiceError exception (#1441549)

[6.2.8-19]
- Add pam_faillock support (#1334449)

[6.2.8-18]
- Add SSSD Smartcard support (#1378943)

[6.2.8-17]
- Enable SSSD authentication also for local users (#1329598)

[6.2.8-16]
- Note that SSSD configuration may change with --updateall (#1339434)

[6.2.8-15]
- change pam module location from /lib[64] to /usr/lib[64] (#1414494)





More information about the El-errata mailing list