Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3:Update
patchinfo.7473
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7473
<patchinfo incident="7473"> <issue id="1023895" tracker="bnc">man page for login.defs in shadow-4.2.1-23.1 RPM contains invalid options</issue> <issue id="1052261" tracker="bnc">VUL-0: CVE-2017-12424: shadow: In shadow before 4.5, the newusers tool could be made to manipulate internaldata structures in ways unintended by the authors. Malformed input may lead tocrashes (with a buffer overflow or other memory corru</issue> <issue id="980486" tracker="bnc">useradd: reset tallylog, too</issue> <issue id="2017-12424" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>jubalh</packager> <description>This update for shadow fixes several issues. This security issue was fixed: - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors (bsc#1052261). These non-security issues were fixed: - bsc#1023895: Fixed man page to not contain invalid options and also prevent warnings when using these options in certain settings - bsc#980486: Reset user in /var/log/tallylog because of the usage of pam_tally2 This update was imported from the SUSE:SLE-12-SP2:Update update project.</description> <summary>Security update for shadow</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor