2025-02-04
ALT-BU-2025-2409-1
Branch p10_e2k update bulletin.
Package pam-config updated to version 1.9.1-alt1 for branch p10_e2k.
Closed bugs
Модуль завершается с ошибкой при разном регистре в имени пользователя
Прописать в самом начале файла /etc/pam.d/system-auth-common строку
Closed vulnerabilities
Published: 2025-01-15
Modified: 2025-01-15
Modified: 2025-01-15
CVE-2024-11029
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.
References: