pam bug fix and enhancement update
| Advisory: | RHBA-2011:0685-1 |
|---|---|
| Type: | Bug Fix Advisory |
| Severity: | N/A |
| Issued on: | 2011-05-19 |
| Last updated on: | 2011-05-19 |
| Affected Products: | Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Workstation (v. 6) |
Details
Updated pam packages that fix bugs and add enhancements are now available.
Pluggable Authentication Modules (PAM) provide a system whereby
administrators can set up authentication policies without having to
recompile programs to handle authentication.
These updated pam packages fix the following bugs:
* When the pam packages were updated, the /var/log/tallylog and
/var/log/faillog files were overwritten with empty files because of
an incorrect condition check in the %post script. This has been
corrected, and PAM no longer attempts to overwrite tallylog and
faillog files when they exist prior to update. (BZ#614766)
* A code review revealed several small memory leaks and improperly
handled error paths in pam_namespace, pam_selinux, pam_limits,
pam_pwhistory, pam_time, and pam_group modules. These issues have
been corrected. (BZ#679069)
These updated packages also provide the following enhancements:
* The pam_limits module, which sets resource limits for processes,
now supports matching individual and ranges of user and group
identifiers in its limits.conf configuration file. (BZ#622847)
* A new pam_faillock module was added to support temporary locking of
user accounts in the event of multiple failed authentication
attempts. This new module improves functionality over the existing
pam_tally2 module, as it also allows temporary locking when the
authentication attempts are done over a screen saver. (BZ#644971)
* The audit records provided by the pam_selinux and pam_tally2
modules have been improved to include tty and remote hostname
information in each recorded event. (BZ#677664)
All pam users are advised to upgrade to these updated packages, which resolve
these issues and add these enhancements.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://access.redhat.com/kb/docs/DOC-11259
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://access.redhat.com/kb/docs/DOC-11259
Updated packages
| Red Hat Enterprise Linux Desktop (v. 6) | |
| SRPMS: | |
| pam-1.1.1-8.el6.src.rpm File outdated by: RHSA-2013:0521 |
MD5: 9c1907775b50022f6b2baf07d1d1d63a SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
| IA-32: | |
| pam-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: ec1332519c2ad0e2b7155b3955aa9f2a SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
| pam-debuginfo-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: 43a6e034f5ffe592317f3e2a6e71f667 SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
| pam-devel-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: a8e35dfb4f9ba925049be68b28143a0f SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
| x86_64: | |
| pam-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: ec1332519c2ad0e2b7155b3955aa9f2a SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
| pam-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 3ad1096b5af88de45b8ff2e79d6ab087 SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
| pam-debuginfo-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: 43a6e034f5ffe592317f3e2a6e71f667 SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
| pam-debuginfo-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 37d1b1da56c420bc7888a7627315cfa4 SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
| pam-devel-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: a8e35dfb4f9ba925049be68b28143a0f SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
| pam-devel-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 912232cc232bfa48180b9b4af238d7aa SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
| Red Hat Enterprise Linux HPC Node (v. 6) | |
| SRPMS: | |
| pam-1.1.1-8.el6.src.rpm File outdated by: RHSA-2013:0521 |
MD5: 9c1907775b50022f6b2baf07d1d1d63a SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
| x86_64: | |
| pam-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: ec1332519c2ad0e2b7155b3955aa9f2a SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
| pam-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 3ad1096b5af88de45b8ff2e79d6ab087 SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
| pam-debuginfo-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: 43a6e034f5ffe592317f3e2a6e71f667 SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
| pam-debuginfo-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 37d1b1da56c420bc7888a7627315cfa4 SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
| pam-devel-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: a8e35dfb4f9ba925049be68b28143a0f SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
| pam-devel-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 912232cc232bfa48180b9b4af238d7aa SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
| Red Hat Enterprise Linux Server (v. 6) | |
| SRPMS: | |
| pam-1.1.1-8.el6.src.rpm File outdated by: RHSA-2013:0521 |
MD5: 9c1907775b50022f6b2baf07d1d1d63a SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
| IA-32: | |
| pam-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: ec1332519c2ad0e2b7155b3955aa9f2a SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
| pam-debuginfo-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: 43a6e034f5ffe592317f3e2a6e71f667 SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
| pam-devel-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: a8e35dfb4f9ba925049be68b28143a0f SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
| PPC: | |
| pam-1.1.1-8.el6.ppc.rpm File outdated by: RHSA-2013:0521 |
MD5: b5fcf75cf58cb77fed35bc7b75c30aac SHA-256: 82cca64e5eb62023db2dccf62edb8f969d36cebb47baa07734308ddc3fb1e9dd |
| pam-1.1.1-8.el6.ppc64.rpm File outdated by: RHSA-2013:0521 |
MD5: c1c452f7436d89d3c5aea601088325be SHA-256: febc5fbf8d3903cb60c307d0ca1d869bb9d3c6a41adc8f0b09566efbe748b8f9 |
| pam-debuginfo-1.1.1-8.el6.ppc.rpm File outdated by: RHSA-2013:0521 |
MD5: 87ef786e07bc03c756ef0c296db7383f SHA-256: d7e8089991d2d7d9d562d53b3450577ad239219e09367fcdbac91df1a25037c2 |
| pam-debuginfo-1.1.1-8.el6.ppc64.rpm File outdated by: RHSA-2013:0521 |
MD5: cce8f9eeb807f2b84f6b410db602309c SHA-256: 109c2f320decf3d081862c7b9fadae6b759ddfb79b7c09be85037aa6b91a5b29 |
| pam-devel-1.1.1-8.el6.ppc.rpm File outdated by: RHSA-2013:0521 |
MD5: 6bdd241fdb459d7c1bfd4ec70c03b01b SHA-256: 19b99928da51c90c81b8219c2ceab2af4aa8d11c688600cf0bd695034e931c80 |
| pam-devel-1.1.1-8.el6.ppc64.rpm File outdated by: RHSA-2013:0521 |
MD5: ae2c93516ed6d59743170291399265ca SHA-256: 125e8eae0f28b822254057f2f7dff6700288ad81200536dc23319939345d5631 |
| s390x: | |
| pam-1.1.1-8.el6.s390.rpm File outdated by: RHSA-2013:0521 |
MD5: f690f88cf217b3ea885d3a94c696da45 SHA-256: 4b6e96764a7ec4c29050d9cf78b70e2b282dea5df5f867e22d67ba6bff071cc4 |
| pam-1.1.1-8.el6.s390x.rpm File outdated by: RHSA-2013:0521 |
MD5: c104c4f7427054f55c58c8bd11a4392b SHA-256: 28d7458ce91bd18a6a61e09b56454ca6dcb3c440cf64067929358d9b5397e9b5 |
| pam-debuginfo-1.1.1-8.el6.s390.rpm File outdated by: RHSA-2013:0521 |
MD5: c55e75a989a6c45d12d4f13f6f262fd9 SHA-256: b45311f20ce4b0d88a6eddd3322f07c5738a2b682c37bac07cb531e8d184807f |
| pam-debuginfo-1.1.1-8.el6.s390x.rpm File outdated by: RHSA-2013:0521 |
MD5: a47206cc8c051a69d4fb8e793f380cef SHA-256: 8795fb5b4e851e0f07eb4121ce2440e4665a99ef2c28a49e431142756631d0bd |
| pam-devel-1.1.1-8.el6.s390.rpm File outdated by: RHSA-2013:0521 |
MD5: 6dc492a2045bb82fe5cc918af893b3b9 SHA-256: 3db31d4dac383df2f5a3645063775def12c660f0e40d525b44c4c547814b98b4 |
| pam-devel-1.1.1-8.el6.s390x.rpm File outdated by: RHSA-2013:0521 |
MD5: 186301b3c1c1ecb28ff1ce4086ad8b54 SHA-256: 5903fd466d21d152f001282ca922ed70301e88d133e0d823cc0a1f81c7244b7b |
| x86_64: | |
| pam-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: ec1332519c2ad0e2b7155b3955aa9f2a SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
| pam-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 3ad1096b5af88de45b8ff2e79d6ab087 SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
| pam-debuginfo-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: 43a6e034f5ffe592317f3e2a6e71f667 SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
| pam-debuginfo-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 37d1b1da56c420bc7888a7627315cfa4 SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
| pam-devel-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: a8e35dfb4f9ba925049be68b28143a0f SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
| pam-devel-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 912232cc232bfa48180b9b4af238d7aa SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
| Red Hat Enterprise Linux Workstation (v. 6) | |
| SRPMS: | |
| pam-1.1.1-8.el6.src.rpm File outdated by: RHSA-2013:0521 |
MD5: 9c1907775b50022f6b2baf07d1d1d63a SHA-256: 841f1edd80e76a0fdd440ea9b703bff79a18d0191530f5109e031712bb6aef67 |
| IA-32: | |
| pam-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: ec1332519c2ad0e2b7155b3955aa9f2a SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
| pam-debuginfo-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: 43a6e034f5ffe592317f3e2a6e71f667 SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
| pam-devel-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: a8e35dfb4f9ba925049be68b28143a0f SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
| x86_64: | |
| pam-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: ec1332519c2ad0e2b7155b3955aa9f2a SHA-256: 8545e59726ff0caa671ec77f89431d1aa01d509decb990f1843e260b3899ef2e |
| pam-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 3ad1096b5af88de45b8ff2e79d6ab087 SHA-256: 7d7a9dfcf8b54fbbb19d94921fe59370002abb57568b6ec0ac4a70e94f1d16fa |
| pam-debuginfo-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: 43a6e034f5ffe592317f3e2a6e71f667 SHA-256: b8dda28b7c8f7af222883047ac2882a5ab161a2ee7ddc9036a4060a88fa7c773 |
| pam-debuginfo-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 37d1b1da56c420bc7888a7627315cfa4 SHA-256: c53910409e37a0cec1a6e669e0bedb58671c1bca1450160ccad43d3488f065dc |
| pam-devel-1.1.1-8.el6.i686.rpm File outdated by: RHSA-2013:0521 |
MD5: a8e35dfb4f9ba925049be68b28143a0f SHA-256: f0cce97c556c8c660b526b94f1d9ce2d8c563cdd5adc83884e7403e5be65146b |
| pam-devel-1.1.1-8.el6.x86_64.rpm File outdated by: RHSA-2013:0521 |
MD5: 912232cc232bfa48180b9b4af238d7aa SHA-256: eba667c3d3f046a4baec423a4632c0e2b91b81512bb193f7a70e3766b3688425 |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
614766 - PAM truncates /var/log/faillog on upgrade
677664 - pam USER_ROLE_CHANGE audit events missing some info
Keywords
audit, fail, faillock, leak, locking, rhost, screensaver, tallylog, tty
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
