Https://packages.altlinux.org/en/sisyphus/security/FDD78F751AE80FCA6447F968E37FF4C4Security fix for the ALT Linux 8 package shadow version 1:4.2.1-alt7.M80P.1
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
1:4.2.1-alt7.M80P.1 built March 13, 2017 Mikhail Efremov in task #179286
March 7, 2017 Mikhail Efremov
- Backported from upstream git:
+ Fix a resource leak in syslog_sg.
+ Fix a resource leak in libmis/idmapping.c.
+ Free memory on error path.
- Fix user busy errors at userdel (patch from Fedora).
- Fix possible crash if gmtime() returns NULL.
- chsh: Fix duplicate warning.
- submap: Add control scripts for newuidmap/newgidmap.
- Simplify getulong (fixes CVE-2016-6252).
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P