[ol9_u6_baseos_base] pam-1.5.1-23.0.1.el9.aarch64

PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policy without
having to recompile programs that handle authentication.

Changelog (Show File list) (Show related packages)

• Tue Feb 18 2025 Akshata Konala <akshata.konala@oracle.com> - 1.5.1-23.0.1

  - pam_limits: fix use after free in pam_sm_open_session [Orabug: 36406534]

• Thu Nov 21 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-23

  - pam_access: rework resolving of tokens as hostname.
    Resolves: CVE-2024-10963 and RHEL-66244

• Mon Nov 04 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-22

  - pam_unix: always run the helper to obtain shadow password file entries.
    CVE-2024-10041. Resolves: RHEL-62879
  - pam_access: always match local address and clarify LOCAL keyword behaviour.
    Resolves: RHEL-23631 and RHEL-39943

• Tue Jun 18 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-20

  - libpam: support long lines in service files. Resolves: RHEL-40705

• Mon Feb 12 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-19

  - pam_namespace: protect_dir(): use O_DIRECTORY to prevent local DoS
    situations. CVE-2024-22365. Resolves: RHEL-21244

• Fri Jan 26 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-18

  - libpam: use getlogin() from libc and not utmp. Resolves: RHEL-16727
  - pam_access: handle hostnames in access.conf. Resolves: RHEL-22300

• Mon Jan 08 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-17

  - pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-20943

• Fri Nov 10 2023 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-16

  - libpam: use close_range() to close file descriptors. Resolves: RHEL-5099
  - fix formatting of audit messages. Resolves: RHEL-5100

• Mon Jun 26 2023 Iker Pedrosa <ipedrosa@redhat.com> - 1.5.1-15

  - pam_misc: make length of misc_conv() configurable and set to 4096. Resolves: #2215007