8 matches found
openSUSE: Security Advisory for libu2f-host, pam_u2f (openSUSE-SU-2019:1708-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : libu2f-host / pam_u2f (openSUSE-2019-1725)
This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues : Security issues fixed for libu2f-host : - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. Security issues fixed for pamu2f : - CVE-2019-12209: Fixed an issue where symlinks ...
openSUSE Security Update : libu2f-host / pam_u2f (openSUSE-2019-1708)
This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues : Security issues fixed for libu2f-host : - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. Security issues fixed for pamu2f : - CVE-2019-12209: Fixed an issue where symlinks ...
openSUSE: Security Advisory for libu2f-host, pam_u2f (openSUSE-SU-2019:1725-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2019:1725-1 Security update for libu2f-host, pam_u2f
This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues: Security issues fixed for libu2f-host: - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. Security issues fixed for pamu2f: - CVE-2019-12209: Fixed an issue where symlinks in...
SUSE SLED12 / SLES12 Security Update : libu2f-host (SUSE-SU-2019:1749-1)
This update for libu2f-host and pamu2f to version 1.0.8 fixes the following issues : Security issues fixed for libu2f-host : CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response bsc1128140. CVE-2018-20340: Fixed an unchecked buffer, which could allow a buffer overflow with a...
CVE-2019-12210
In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug log file is set using debugfile, that file descriptor is not closed when a new process is spawned. This leads to the file descriptor being inherited into the child process; the child process can then read from and write to it...
CVE-2019-12210
In pam_u2f 1.0.7, when debug_file is configured, the debug file descriptor is not closed across spawned processes, allowing the child process to read/write that descriptor. This can leak sensitive data and, if written to, may be used to fill disk space or plant misinformation. OpenSUSE/SUSE advis...