| Revision Date: | 2017-11-08 | Version: | 1 |
| Title: | Security update for shadow (Moderate) |
| Description: |
This update for shadow fixes several issues.
This security issue was fixed:
- CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors (bsc#1052261).
These non-security issues were fixed:
- bsc#1023895: Fixed man page to not contain invalid options and also prevent warnings when using these options in certain settings - bsc#980486: Reset user in /var/log/tallylog because of the usage of pam_tally2
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1023895
1052261
980486
CVE-2017-12424
SUSE-SU-2017:2947-1
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP2
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed AND shadow-4.2.1-27.3.3 is installed
|