UbuntuUpdates.org

Package "libpam-systemd"

Name: libpam-systemd

Description:

system and service manager - PAM module

Latest version: 249.11-0ubuntu3.7
Release: jammy (22.04)
Level: security
Repository: main
Head package: systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links


Download "libpam-systemd"


Other versions of "libpam-systemd" in Jammy

Repository Area Version
base main 249.11-0ubuntu3
updates main 249.11-0ubuntu3.12
proposed main 249.11-0ubuntu3.14

Changelog

Version: 249.11-0ubuntu3.7 2023-03-07 19:07:10 UTC

  systemd (249.11-0ubuntu3.7) jammy-security; urgency=medium

  * SECURITY UPDATE: buffer overrun vulnerability in format_timespan()
    - debian/patches/CVE-2022-3821.patch: time-util: fix buffer-over-run
    - CVE-2022-3821
  * SECURITY UPDATE: information leak vulnerability in systemd-coredump
    - debian/patches/CVE-2022-4415.patch: do not allow user to access
      coredumps with changed uid/gid/capabilities
    - CVE-2022-4415

 -- Nishit Majithia <email address hidden> Thu, 02 Mar 2023 18:28:02 +0530

CVE-2022-3821 An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time a
CVE-2022-4415 A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpab



About   -   Send Feedback to @ubuntu_updates