authconfig-6.2.8-30.el7
エラータID: AXSA:2017-1892:01
Release date:
Saturday, August 26, 2017 - 16:44
Subject:
authconfig-6.2.8-30.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
Authconfig is a command line utility which can configure a workstation
to use shadow (more secure) passwords. Authconfig can also configure a
system to be a client for certain networked user information and
authentication schemes.
CVE-2017-7488
Authconfig version 6.2.8 is vulnerable to an Information exposure
while using SSSD to authenticate against remote server resulting in
the leak of information about existing usernames.
Authconfig version 6.2.8 is vulnerable to an Information exposure
while using SSSD to authenticate against remote server resulting in
the leak of information about existing usernames.
Solution:
Update packages.
CVEs:
CVE-2017-7488
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames.
Additional Info:
N/A
Download:
SRPMS
- authconfig-6.2.8-30.el7.src.rpm
MD5: 173a106bb000632c9c0d3b9b78b3eaa9
SHA-256: a3db6ce9da780c20aeb7f833eefdcd93fe4aabdfb93737b2466c90b12ee99331
Size: 1.41 MB
Asianux Server 7 for x86_64
- authconfig-6.2.8-30.el7.x86_64.rpm
MD5: d66418449556a558d7713d39d12a4354
SHA-256: 6c1e28c4cec184dd4bf7376d742d9027df156373103582d4d56ec225cd697ec6
Size: 423.26 kB - authconfig-gtk-6.2.8-30.el7.x86_64.rpm
MD5: 3d1ac6bf95a830173a9c345017a5ce1a
SHA-256: 32526a795fc8d8da90cc6a50721b4d5098ece20d042109347f959b57dad86840
Size: 108.43 kB