news 28 Posted December 30, 2009 This is a multi-part message in MIME format... ------------=_1262197988-24326-2805 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Advisory MDVA-2009:267 http://www.mandriva.com/security/ _______________________________________________________________________ Package : tcb Date : December 30, 2009 Affected: 2010.0 _______________________________________________________________________ Problem Description: Due to a change in glibc on x86_64, pam_tcb incorrectly handles negative values in /etc/shadow. When password expiration warning delay is set to -1, a warning would be displayed to the users saying that their password will expire in 99999 days. This update resolves this bug. _______________________________________________________________________ References: https://qa.mandriva.com/56710 https://qa.mandriva.com/52330 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.0: ef88f2fbca0b0e5cbf564f414d830927 2010.0/i586/libtcb0-1.0.3-2.2mdv2010.0.i586.rpm 606552b4601ee7f0afe38a3268548614 2010.0/i586/libtcb-devel-1.0.3-2.2mdv2010.0.i586.rpm 3a45912b78f3889c92d520b9e9e2c63f 2010.0/i586/nss_tcb-1.0.3-2.2mdv2010.0.i586.rpm 7b10733621da46077db583d39ab3d6ac 2010.0/i586/pam_tcb-1.0.3-2.2mdv2010.0.i586.rpm 0e042f15f5e4e2965853bcc40ed7872b 2010.0/i586/tcb-1.0.3-2.2mdv2010.0.i586.rpm 437f116853ce2d45710e269f3998d9e7 2010.0/SRPMS/tcb-1.0.3-2.2mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: e7c746cde84cfa3e4c7b95d6a1205594 2010.0/x86_64/lib64tcb0-1.0.3-2.2mdv2010.0.x86_64.rpm 7a34bf444bdc9ebe858cbd755bbb2afb 2010.0/x86_64/lib64tcb-devel-1.0.3-2.2mdv2010.0.x86_64.rpm 9838ab4587ddf8e05bbd776e669b340e 2010.0/x86_64/nss_tcb-1.0.3-2.2mdv2010.0.x86_64.rpm f8875b923049ccffdc0eee3c2535d9f2 2010.0/x86_64/pam_tcb-1.0.3-2.2mdv2010.0.x86_64.rpm bd851aa4209e62dd98b29bf6e58fcf57 2010.0/x86_64/tcb-1.0.3-2.2mdv2010.0.x86_64.rpm 437f116853ce2d45710e269f3998d9e7 2010.0/SRPMS/tcb-1.0.3-2.2mdv2010.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLO3GMmqjQ0CJFipgRAp0IAKCmkn+ke/UCHMG45/lSDpW2D82DugCdHPrj lsXBJZ+oqX4manBgkLFYTGg= =2d7U -----END PGP SIGNATURE----- ------------=_1262197988-24326-2805 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________ ------------=_1262197988-24326-2805-- Share this post Link to post
