- Issued:
- 2011-05-19
- Updated:
- 2011-05-19
RHBA-2011:0685 - Bug Fix Advisory
Synopsis
pam bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated pam packages that fix bugs and add enhancements are now available.
Description
Pluggable Authentication Modules (PAM) provide a system whereby
administrators can set up authentication policies without having to
recompile programs to handle authentication.
These updated pam packages fix the following bugs:
- When the pam packages were updated, the /var/log/tallylog and
/var/log/faillog files were overwritten with empty files because of
an incorrect condition check in the %post script. This has been
corrected, and PAM no longer attempts to overwrite tallylog and
faillog files when they exist prior to update. (BZ#614766)
- A code review revealed several small memory leaks and improperly
handled error paths in pam_namespace, pam_selinux, pam_limits,
pam_pwhistory, pam_time, and pam_group modules. These issues have
been corrected. (BZ#679069)
These updated packages also provide the following enhancements:
- The pam_limits module, which sets resource limits for processes,
now supports matching individual and ranges of user and group
identifiers in its limits.conf configuration file. (BZ#622847)
- A new pam_faillock module was added to support temporary locking of
user accounts in the event of multiple failed authentication
attempts. This new module improves functionality over the existing
pam_tally2 module, as it also allows temporary locking when the
authentication attempts are done over a screen saver. (BZ#644971)
- The audit records provided by the pam_selinux and pam_tally2
modules have been improved to include tty and remote hostname
information in each recorded event. (BZ#677664)
All pam users are advised to upgrade to these updated packages, which resolve
these issues and add these enhancements.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support 6 x86_64
Fixes
- BZ - 614766 - PAM truncates /var/log/faillog on upgrade
- BZ - 677664 - pam USER_ROLE_CHANGE audit events missing some info
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
x86_64 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-1.1.1-8.el6.x86_64.rpm | SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
pam-devel-1.1.1-8.el6.x86_64.rpm | SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
i386 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
x86_64 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-1.1.1-8.el6.x86_64.rpm | SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
pam-devel-1.1.1-8.el6.x86_64.rpm | SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
i386 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
x86_64 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-1.1.1-8.el6.x86_64.rpm | SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
pam-devel-1.1.1-8.el6.x86_64.rpm | SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
i386 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
Red Hat Enterprise Linux Desktop 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
x86_64 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-1.1.1-8.el6.x86_64.rpm | SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
pam-devel-1.1.1-8.el6.x86_64.rpm | SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
i386 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
Red Hat Enterprise Linux for IBM z Systems 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
s390x | |
pam-1.1.1-8.el6.s390.rpm | SHA-256: 4b6e96764a7ec4c29050d9cf78b70e2b282dea5df5f867e22d67ba6bff071cc4 |
pam-1.1.1-8.el6.s390x.rpm | SHA-256: 28d7458ce91bd18a6a61e09b56454ca6dcb3c440cf64067929358d9b5397e9b5 |
pam-debuginfo-1.1.1-8.el6.s390.rpm | SHA-256: b45311f20ce4b0d88a6eddd3322f07c5738a2b682c37bac07cb531e8d184807f |
pam-debuginfo-1.1.1-8.el6.s390x.rpm | SHA-256: 8795fb5b4e851e0f07eb4121ce2440e4665a99ef2c28a49e431142756631d0bd |
pam-devel-1.1.1-8.el6.s390.rpm | SHA-256: 3db31d4dac383df2f5a3645063775def12c660f0e40d525b44c4c547814b98b4 |
pam-devel-1.1.1-8.el6.s390x.rpm | SHA-256: 5903fd466d21d152f001282ca922ed70301e88d133e0d823cc0a1f81c7244b7b |
Red Hat Enterprise Linux for Power, big endian 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
ppc64 | |
pam-1.1.1-8.el6.ppc.rpm | SHA-256: 82cca64e5eb62023db2dccf62edb8f969d36cebb47baa07734308ddc3fb1e9dd |
pam-1.1.1-8.el6.ppc64.rpm | SHA-256: febc5fbf8d3903cb60c307d0ca1d869bb9d3c6a41adc8f0b09566efbe748b8f9 |
pam-debuginfo-1.1.1-8.el6.ppc.rpm | SHA-256: d7e8089991d2d7d9d562d53b3450577ad239219e09367fcdbac91df1a25037c2 |
pam-debuginfo-1.1.1-8.el6.ppc64.rpm | SHA-256: 109c2f320decf3d081862c7b9fadae6b759ddfb79b7c09be85037aa6b91a5b29 |
pam-devel-1.1.1-8.el6.ppc.rpm | SHA-256: 19b99928da51c90c81b8219c2ceab2af4aa8d11c688600cf0bd695034e931c80 |
pam-devel-1.1.1-8.el6.ppc64.rpm | SHA-256: 125e8eae0f28b822254057f2f7dff6700288ad81200536dc23319939345d5631 |
Red Hat Enterprise Linux for Scientific Computing 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
x86_64 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-1.1.1-8.el6.x86_64.rpm | SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
pam-devel-1.1.1-8.el6.x86_64.rpm | SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
Red Hat Enterprise Linux Server from RHUI 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
x86_64 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-1.1.1-8.el6.x86_64.rpm | SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
pam-devel-1.1.1-8.el6.x86_64.rpm | SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
i386 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
s390x | |
pam-1.1.1-8.el6.s390.rpm | SHA-256: 4b6e96764a7ec4c29050d9cf78b70e2b282dea5df5f867e22d67ba6bff071cc4 |
pam-1.1.1-8.el6.s390x.rpm | SHA-256: 28d7458ce91bd18a6a61e09b56454ca6dcb3c440cf64067929358d9b5397e9b5 |
pam-debuginfo-1.1.1-8.el6.s390.rpm | SHA-256: b45311f20ce4b0d88a6eddd3322f07c5738a2b682c37bac07cb531e8d184807f |
pam-debuginfo-1.1.1-8.el6.s390x.rpm | SHA-256: 8795fb5b4e851e0f07eb4121ce2440e4665a99ef2c28a49e431142756631d0bd |
pam-devel-1.1.1-8.el6.s390.rpm | SHA-256: 3db31d4dac383df2f5a3645063775def12c660f0e40d525b44c4c547814b98b4 |
pam-devel-1.1.1-8.el6.s390x.rpm | SHA-256: 5903fd466d21d152f001282ca922ed70301e88d133e0d823cc0a1f81c7244b7b |
Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support 6
SRPM | |
---|---|
pam-1.1.1-8.el6.src.rpm | SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
x86_64 | |
pam-1.1.1-8.el6.i686.rpm | SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
pam-1.1.1-8.el6.x86_64.rpm | SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
pam-debuginfo-1.1.1-8.el6.i686.rpm | SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
pam-debuginfo-1.1.1-8.el6.x86_64.rpm | SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
pam-devel-1.1.1-8.el6.i686.rpm | SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
pam-devel-1.1.1-8.el6.x86_64.rpm | SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.