The pam_env module is vulnerable to a stack overflow
(CVE-2011-3148) and a DoS condition (CVE-2011-3149) when
parsing users .pam_environment files. Additionally a
missing return value check inside pam_xauth has been fixed
(CVE-2010-3316).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 11.3 | noarch | pam-doc | < 1.1.1.90-2.3.1 | pam-doc-1.1.1.90-2.3.1.noarch.rpm |
openSUSE | 11.3 | x86_64 | pam | < 1.1.1.90-2.3.1 | pam-1.1.1.90-2.3.1.x86_64.rpm |
openSUSE | 11.3 | x86_64 | pam-32bit | < 1.1.1.90-2.3.1 | pam-32bit-1.1.1.90-2.3.1.x86_64.rpm |
openSUSE | 11.3 | i586 | pam-devel | < 1.1.1.90-2.3.1 | pam-devel-1.1.1.90-2.3.1.i586.rpm |
openSUSE | 11.3 | x86_64 | pam-devel-32bit | < 1.1.1.90-2.3.1 | pam-devel-32bit-1.1.1.90-2.3.1.x86_64.rpm |
openSUSE | 11.3 | x86_64 | pam-devel | < 1.1.1.90-2.3.1 | pam-devel-1.1.1.90-2.3.1.x86_64.rpm |
openSUSE | 11.3 | i586 | pam | < 1.1.1.90-2.3.1 | pam-1.1.1.90-2.3.1.i586.rpm |