[El-errata] ELSA-2017-2285 Moderate: Oracle Linux 7 authconfig security, bug fix, and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Aug 8 13:54:38 PDT 2017
Oracle Linux Security Advisory ELSA-2017-2285
http://linux.oracle.com/errata/ELSA-2017-2285.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
authconfig-6.2.8-30.el7.x86_64.rpm
authconfig-gtk-6.2.8-30.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/authconfig-6.2.8-30.el7.src.rpm
Description of changes:
[6.2.8-30]
- do not use /usr and LIBDIR together (#1455233)
[6.2.8-29]
- update translations (#1449625)
[6.2.8-28]
- ignore PAM_IGNORE for pam_succeed_if so application do not fail in
pam_setcred() (#1450425)
[6.2.8-27]
- fix typo in the patch for CVE-2017-7488 (#1441604)
[6.2.8-26]
- CVE-2017-7488 authconfig: Information leak when SSSD is used for
authentication against remote server (#1441604)
[6.2.8-25]
- faillock: change preauth phase to required and fix arguments handling
(#1334449)
[6.2.8-24]
- faillock: add preauth phase so the account is actually blocked (#1334449)
[6.2.8-23]
- sssd: do not write SSSD PAM if there is no sssd.conf present (#1443949)
[6.2.8-21]
- sssd: do not ask for password with smartcards (#1441374)
[6.2.8-20]
- sssd: catch NoServiceError exception (#1441549)
[6.2.8-19]
- Add pam_faillock support (#1334449)
[6.2.8-18]
- Add SSSD Smartcard support (#1378943)
[6.2.8-17]
- Enable SSSD authentication also for local users (#1329598)
[6.2.8-16]
- Note that SSSD configuration may change with --updateall (#1339434)
[6.2.8-15]
- change pam module location from /lib[64] to /usr/lib[64] (#1414494)
More information about the El-errata
mailing list