openSUSE Security Update : pam_pkcs11 (openSUSE-2018-1250)
Medium Nessus Plugin ID 118385
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for pam_pkcs11 fixes the following security issues :
- It was possible to replay an authentication by using a specially prepared smartcard or token (bsc#1105012)
- Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes (bsc#1105012)
- Memory not cleaned properly before free() (bsc#1105012)
This non-security issue was fixed :
- Fix segfault and fetch problems when checking CRLs
This update was imported from the SUSE:SLE-15:Update update project.
SolutionUpdate the affected pam_pkcs11 packages.