Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHBA-2012:1144-01

Overview

Id RHBA-2012:1144-01
Name Red Hat 2012:1144-01 RHBA libuser bug fix update for RHEL 5 x86
Vendor Name red_hat
Product None
Content Type Recommended Recommended
Language(s)
Operating System(s) Linux 
Released On 07 Jan 2013 12:00:00

RHBA-2012:1144-01

Red Hat 2012:1144-01 RHBA libuser bug fix update for RHEL 5 x86

Vendor Name

red_hat

Product

None

Released On

07 Jan 2013 12:00:00

Url

https://rhn.redhat.com/errata/RHBA-2012-1144.html

Description

LSAC(v2)
The libuser packages provide a library to implement a standardized interface for manipulating and administering user and group accounts. The library uses pluggable back ends to interface to its data sources. Sample applications modeled after those included with the shadow password suite are included. This update fixes the following bugs: * Prior to this update, libuser could not signal the name service caching daemon (nscd) to refresh the cache. As a consequence, delays in the name service could occur when the user account information was changed. With this update, the libuser signals nscd to rebuild its cache. Now, changes that affect the name service take effect more quickly.(BZ#506628) * Prior to this update, libuser used the value of the "gecos" attribute for the "cn" attribute by default when creating a user account with the Lightweight Directory Access Protocol (LDAP). As a consequence, an invalid value for "cn" was used and the user account was not created if the "gecos" attribute was empty. With this update, the user name of the account is stored in the "cn" attribute if the "gecos" attribute is empty, thus allowing successful creation of the user account. (BZ#670279) * Prior to this update, libuser could attempt to access unallocated virtual memory when searching for account information in files of certain sizes. As a consequence, libuser could terminate unexpectedly with a segmentation fault when looking for user or group account information. This update modifies modifies the libuser library to only access memory related to the file being processed. (BZ#758117) All users of libuser are advised to upgrade to these updated packages, which fix these bugs.

Related Resources

Related Vulnerabilities

None

Related Patches

None

Superseded Patches

None


Last Updated: 27 May 2016 11:16:11