Overview

File _patchinfo of Package patchinfo.2581

<patchinfo incident="2581">
   <issue id="934920" tracker="bnc">VUL-1: CVE-2015-3238: pam: Security issue in pam_unix module with SELinux enabled</issue>
  <issue id="1015565" tracker="bnc">PAM: pam_nologin gives no information why a login fails</issue>
  <issue id="1037824" tracker="bnc">L3: Blowfish password hash algorithm not usable on SLES 12</issue>
   <issue id="2015-3238" tracker="cve" />
   <category>security</category>
   <rating>moderate</rating>
   <packager>jmoellers</packager>
  <description>
This update for pam fixes the following issues:
 

- CVE-2015-3238: pam_unix in conjunction with SELinux allowed for DoS attacks (bsc#934920).
- log a hint to syslog if /etc/nologin is present, but empty (bsc#1015565).
- If /etc/nologin is present, but empty, log a hint to syslog. (bsc#1015565)
- Added support for libowcrypt.so, if present, to configure support for BLOWFISH (bsc#1037824)

 </description>
   <summary>Security update for pam</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places