Bug Fix Advisory: pam bug fix and enhancement update

Advisory: RHBA-2009:0995-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-05-18
Last updated on: 2009-05-18
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
OVAL: N/A

Details

Updated pam packages that fix several bugs and add an enhancement are now
available.

Pluggable Authentication Modules (PAM) provide a system whereby
administrators can set up authentication policies, without having to
recompile programs that handle authentication.

These updated pam packages provide fixes for the following bugs:

* the pam_rhosts_auth module was not able to identify host names with
leading digits.

* the pam_unix module was not able to update passwords when it was called
from a multithreaded application.

* on systems with 32-bit user IDs (UIDs), the pam_loginuid module did not
correctly set the loginuid value in the kernel, and the module returned an
error when users with UID numbers greater than 31 bits tried to authenticate.

* certain modules, including pam_access, could fail group membership tests
on systems with groups containing a large number of members.

* the documentation for the pam_limits module has been updated to include
information stating that the Resident Set Size (RSS) limit is not enforced
on current kernels.

* the pam_limits module was unable to apply limits to users who belonged to
very large groups. The maximum size of internal buffers for group entries
has been increased so that limits still take effect even with very large
groups.

In addition, these updated pam packages add an option to the pam_tally2
module that serializes access to the /var/log/tallylog file. Enabling this
option prevents authentication failures that could occur when two separate
processes attempt to authenticate nearly simultaneously and the lock_time
option ("always deny for n seconds after a failed attempt") is set to a
value of one or greater.
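
The following check is an added example, not part of the original advisory or of Red Hat's packages: it scans PAM configuration text for pam_tally2 entries that set lock_time to one or greater without serialized access. It assumes the option is spelled "serialize", as in upstream Linux-PAM (the advisory does not name it); the sample configuration is constructed.

```shell
#!/bin/sh
# Added example: flag pam_tally2 entries that set lock_time >= 1 but do not
# enable serialized access to the tally file.
# ASSUMPTION: the option is spelled "serialize", as in upstream Linux-PAM.

# Reads PAM configuration text on stdin and prints one finding per entry as
# "<line>: lock_time=<n> without serialize" (<line> = last line of the entry).
audit_tally2() {
    awk '
    {
        sub(/#.*/, "")                    # drop comments
        if (sub(/\\$/, "")) {             # trailing backslash: entry continues
            entry = entry $0 " "
            next
        }
        entry = entry $0
        idx = index(entry, "pam_tally2.so")
        if (idx > 0) {
            # Everything after the module path is the argument list.
            n = split(substr(entry, idx + 13), arg, /[ \t]+/)
            lock = 0; ser = 0
            for (i = 1; i <= n; i++) {
                if (arg[i] ~ /^lock_time=[0-9]+$/) lock = substr(arg[i], 11) + 0
                if (arg[i] == "serialize") ser = 1
            }
            if (lock >= 1 && !ser)
                printf "%d: lock_time=%d without serialize\n", NR, lock
        }
        entry = ""
    }'
}

# Constructed sample in the style of an /etc/pam.d service file.
sample_pam_config() {
    cat <<'EOF'
auth     required  /lib/security/$ISA/pam_env.so
auth     required  /lib/security/$ISA/pam_tally2.so deny=5 lock_time=2
auth     sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
# auth   required  pam_tally2.so lock_time=9
auth     required  pam_tally2.so deny=5 lock_time=2 serialize
auth     [default=die] pam_tally2.so onerr=fail \
         lock_time=1
account  required  /lib/security/$ISA/pam_tally2.so
EOF
}

sample_pam_config | audit_tally2
```

To audit a real file, redirect it into the function, for example `audit_tally2 < /etc/pam.d/system-auth`. Upstream's pam_tally2 documentation notes that serialize relies on fcntl locking of the tally file and is meant for non-multithreaded services.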

Users are advised to upgrade to these updated pam packages, which resolve
these issues and add this enhancement.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
pam-0.77-66.26.src.rpm     6ec16a379d7ee64468454e136bf22bd0
 
IA-32:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
 
x86_64:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-0.77-66.26.x86_64.rpm     abbcd9d4685aec0df58e68dfffce8390
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
pam-devel-0.77-66.26.x86_64.rpm     2bb271d1ac0b09417a31fd23f3f9aa50
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
pam-0.77-66.26.src.rpm     6ec16a379d7ee64468454e136bf22bd0
 
IA-32:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
 
IA-64:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-0.77-66.26.ia64.rpm     aec4ab7bd983f565ab5bf174399c9b53
pam-devel-0.77-66.26.ia64.rpm     59b3de42bb2736cdff0f560d65231248
 
PPC:
pam-0.77-66.26.ppc.rpm     fabb12bb30b43369be3c5e956b377650
pam-0.77-66.26.ppc64.rpm     13503864b464247c61919f89c29bc916
pam-devel-0.77-66.26.ppc.rpm     740b9f729724aaf8f6de424f08e46f2f
pam-devel-0.77-66.26.ppc64.rpm     6a781d2f435d519231d40e0abfbbc944
 
s390:
pam-0.77-66.26.s390.rpm     01c28461d72ffccf0e0543aca7e0412b
pam-devel-0.77-66.26.s390.rpm     1c4a48b25828c018d48764681cdb9b56
 
s390x:
pam-0.77-66.26.s390.rpm     01c28461d72ffccf0e0543aca7e0412b
pam-0.77-66.26.s390x.rpm     9d59df57fac1a25be13cf9fff908d63b
pam-devel-0.77-66.26.s390.rpm     1c4a48b25828c018d48764681cdb9b56
pam-devel-0.77-66.26.s390x.rpm     31153b392b88330081088b7bdef27d03
 
x86_64:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-0.77-66.26.x86_64.rpm     abbcd9d4685aec0df58e68dfffce8390
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
pam-devel-0.77-66.26.x86_64.rpm     2bb271d1ac0b09417a31fd23f3f9aa50
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
pam-0.77-66.26.src.rpm     6ec16a379d7ee64468454e136bf22bd0
 
IA-32:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
 
IA-64:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-0.77-66.26.ia64.rpm     aec4ab7bd983f565ab5bf174399c9b53
pam-devel-0.77-66.26.ia64.rpm     59b3de42bb2736cdff0f560d65231248
 
x86_64:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-0.77-66.26.x86_64.rpm     abbcd9d4685aec0df58e68dfffce8390
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
pam-devel-0.77-66.26.x86_64.rpm     2bb271d1ac0b09417a31fd23f3f9aa50
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
pam-0.77-66.26.src.rpm     6ec16a379d7ee64468454e136bf22bd0
 
IA-32:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
 
IA-64:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-0.77-66.26.ia64.rpm     aec4ab7bd983f565ab5bf174399c9b53
pam-devel-0.77-66.26.ia64.rpm     59b3de42bb2736cdff0f560d65231248
 
x86_64:
pam-0.77-66.26.i386.rpm     141db9e7a56b7ad985f06d9e9bcae7f1
pam-0.77-66.26.x86_64.rpm     abbcd9d4685aec0df58e68dfffce8390
pam-devel-0.77-66.26.i386.rpm     b91b8f8dbe07483bcb0a3e8715558d00
pam-devel-0.77-66.26.x86_64.rpm     2bb271d1ac0b09417a31fd23f3f9aa50
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

446025 - pam_tally2 race when authenticating more than once at the same time.
447842 - pam_limits PWD_ABSURD_PWD_LENGTH is still too low
459628 - Problem with man page for limits.conf
460241 - pam_loginuid fails on 32 bit uid's
469857 - pam_chauthtok() only works in main but not child threads


Keywords

groups, ip, rhost, rss, tally, threads, uid


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/