EulerOS Virtualization 2.9.1 : selinux-policy (EulerOS-SA-2022-2366)

According to the versions of the selinux-policy packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the selinux-policy aka Reference Policy package 3.14 through 2020-08-24 because the...

GLSA-202208-11 : Yubico pam-u2f: Local PIN Bypass vulnerability

The remote host is affected by the vulnerability described in GLSA-202208-11 Yubico pam-u2f: Local PIN Bypass vulnerability - Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not...

CVE-2021-31924

Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not allow user presence touch or cryptographic signature verification to be bypassed, so an attacker would still need to physicall...

CVE-2020-24612

An issue was discovered in the selinux-policy aka Reference Policy package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode, pam-u2f is not allowed to read the user's U2F configuration file. If configured with the nouserok...

CVE-2020-24612

An issue was discovered in the selinux-policy aka Reference Policy package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode, pam-u2f is not allowed to read the user's U2F configuration file. If configured with the nouserok...

CVE-2020-24612

The CVE-2020-24612 issue affects the selinux-policy (Reference Policy) package 3.14–2020-08-24, where mishandling of the .config/Yubico directory in SELinux-enforced mode prevents pam-u2f from reading a user's U2F configuration. If nouserok is used, and the file cannot be read, second-factor auth...