Release date:
2023-01-30 20:39:50 UTC
Description:
* SECURITY UPDATE: access denial bypass in pam_access.so
- debian/patches-applied/CVE-2022-28321.patch: properly use getnameinfo()
and getaddrinfo() to handle hostnames in access.conf, add freeaddrinfo()
to avoid memory leaks on return from network_netmask_match() as well
- CVE-2022-28321
Updated packages:
-
libpam-cracklib_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb
sha:bf25ea57efb48a43c157172c0b8cff37c3615ad7
-
libpam-doc_1.1.8-3.2ubuntu2.3+tuxcare.els1_all.deb
sha:fd5983bbba2a24c2d8b5de21c5430c1438fe9e89
-
libpam-modules_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb
sha:333fb54b9406c188c0842c7a50e5501a4d7c620e
-
libpam-modules-bin_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb
sha:d979bfd87d27b2712e36db5e2cab633d35c3664e
-
libpam-runtime_1.1.8-3.2ubuntu2.3+tuxcare.els1_all.deb
sha:cc7635baafe8966cc37b77f707b8eb216dba1a34
-
libpam0g_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb
sha:f310d249d431e8a4e7ce13e48b6b013bef01c557
-
libpam0g-dev_1.1.8-3.2ubuntu2.3+tuxcare.els1_amd64.deb
sha:37c0e6ecf6eaa7b3159c2e18d94c161060a13eb2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.