The pam_env module is vulnerable to a stack overflow
(CVE-2011-3148) and a DoS condition (CVE-2011-3149) when
parsing users .pam_environment files. Additionally a
missing return value check inside pam_xauth has been fixed
(CVE-2010-3316).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Server | 10.4 | x86_64 | pam | < 0.99.6.3-28.25.4 | pam-0.99.6.3-28.25.4.x86_64.rpm |
SUSE Linux Enterprise Server | 10.4 | ppc | pam-64bit | < 0.99.6.3-28.25.4 | pam-64bit-0.99.6.3-28.25.4.ppc.rpm |
SUSE Linux Enterprise Server | 10.4 | i586 | pam | < 0.99.6.3-28.25.4 | pam-0.99.6.3-28.25.4.i586.rpm |
SUSE Linux Enterprise Desktop | 10.4 | x86_64 | pam | < 0.99.6.3-28.25.4 | pam-0.99.6.3-28.25.4.x86_64.rpm |
SUSE Linux Enterprise Server | 10.4 | i586 | pam-devel | < 0.99.6.3-28.25.4 | pam-devel-0.99.6.3-28.25.4.i586.rpm |
SUSE Linux Enterprise Server | 10.4 | ppc | pam-devel-64bit | < 0.99.6.3-28.25.4 | pam-devel-64bit-0.99.6.3-28.25.4.ppc.rpm |
SUSE Linux Enterprise Server | 10.4 | ppc | pam | < 0.99.6.3-28.25.4 | pam-0.99.6.3-28.25.4.ppc.rpm |
SUSE Linux Enterprise Server | 10.4 | s390x | pam | < 0.99.6.3-28.25.4 | pam-0.99.6.3-28.25.4.s390x.rpm |
SUSE Linux Enterprise Desktop | 10.4 | i586 | pam-devel | < 0.99.6.3-28.25.4 | pam-devel-0.99.6.3-28.25.4.i586.rpm |
SUSE Linux Enterprise Server | 10.4 | ia64 | pam | < 0.99.6.3-28.25.4 | pam-0.99.6.3-28.25.4.ia64.rpm |