Advisories

Mandriva Advisories

Package name	pam
Date	December 16th, 2000
Advisory ID	MDKSA-2000:082
Affected versions	6.0, 6.1, 7.0, 7.1, 7.2
Synopsis	Updated pam packages fix buffer overflow in pam_localuser module

Problem Description

The pam_localuser module, which is a part of the pam package, contains
a buffer overflow vulnerability. This module is not used in any
default configuration and for a user to be exploited, they would have
to manually insert it into a configuration file in the /etc/pam.d
directory.

Updated Packages

Mandrakelinux 6.0

 89047507ccddc48d22d303ef1ced2e19  6.0/RPMS/pam-0.72-7.1mdk.i586.rpm
1a723b38bc265c6f37ed960e35aeee86  6.0/RPMS/pam-devel-0.72-7.1mdk.i586.rpm
1f61020c5e6174f3d2654684dde1cc41  6.0/RPMS/pam-doc-0.72-7.1mdk.i586.rpm
1cb1ac234d64a8d38e0a5bd03cc5c389  6.0/SRPMS/pam-0.72-7.1mdk.src.rpm

Mandrakelinux 6.1

 00d178754c2b16ae8d678ead4b319c84  6.1/RPMS/pam-0.72-7.1mdk.i586.rpm
c8b1b1bbd998e4e3bcacfe0dbad875f0  6.1/RPMS/pam-devel-0.72-7.1mdk.i586.rpm
de4d33d45bbbb805f55a3ecca3bc9bb3  6.1/RPMS/pam-doc-0.72-7.1mdk.i586.rpm
1cb1ac234d64a8d38e0a5bd03cc5c389  6.1/SRPMS/pam-0.72-7.1mdk.src.rpm

Mandrakelinux 7.0

 46f6378e00acfec0a0efaeedcbd68a94  7.0/RPMS/pam-0.72-7.1mdk.i586.rpm
39ff2a895a40ed3fd6e3cac708450539  7.0/RPMS/pam-devel-0.72-7.1mdk.i586.rpm
ac93e1513bf052edb12e81013cdd373f  7.0/RPMS/pam-doc-0.72-7.1mdk.i586.rpm
1cb1ac234d64a8d38e0a5bd03cc5c389  7.0/SRPMS/pam-0.72-7.1mdk.src.rpm

Mandrakelinux 7.1

 43472115ca09b70565001e9ece665016  7.1/RPMS/pam-0.72-7.1mdk.i586.rpm
2314b97db1c46d81150fc5100f160893  7.1/RPMS/pam-devel-0.72-7.1mdk.i586.rpm
3a5e9ba927e38ad2635f8c7ada818618  7.1/RPMS/pam-doc-0.72-7.1mdk.i586.rpm
1cb1ac234d64a8d38e0a5bd03cc5c389  7.1/SRPMS/pam-0.72-7.1mdk.src.rpm

Mandrakelinux 7.2

 f2dac7c4b7049e119b0172a229fb565f  7.2/RPMS/pam-0.72-12.1mdk.i586.rpm
633f0e2f17f808ee13cfefc7e1d76743  7.2/RPMS/pam-devel-0.72-12.1mdk.i586.rpm
817a109423f3b9ef84b3e4419bf29b27  7.2/RPMS/pam-doc-0.72-12.1mdk.i586.rpm
e5b5708c721a69458e9df9361ea9fd46  7.2/SRPMS/pam-0.72-12.1mdk.src.rpm

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer