Updated libuser packages that fix two security issues are now available forRed Hat Enterprise Linux 6.Red Hat Product Security has rated this update as having Important securityimpact. Common Vulnerability Scoring System (CVSS) base scores, which givedetailed severity ratings, are available for each vulnerability from theCVE links in the References section.

The libuser library implements a standardized interface for manipulatingand administering user and group accounts. Sample applications that aremodeled after applications from the shadow password suite (shadow-utils)are included in these packages.Two flaws were found in the way the libuser library handled the /etc/passwdfile. A local attacker could use an application compiled against libuser(for example, userhelper) to manipulate the /etc/passwd file, which couldresult in a denial of service or possibly allow the attacker to escalatetheir privileges to root. (CVE-2015-3245, CVE-2015-3246)Red Hat would like to thank Qualys for reporting these issues.All libuser users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue.
Before applying this update, make sure all previously released errata relevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
libuser-0.56.13-8.el6_7.src.rpm
    MD5: de394ea72038ff1d86a04b578d280733SHA-256: 58e03c09a9dd5ae2f1a968c601f5038f6d98437b1f374be882c61687e42fe8e1
 
IA-32:
libuser-0.56.13-8.el6_7.i686.rpm
    MD5: 12fc18264b25e4b48c5328e11dd97acbSHA-256: 4b5dd72605676ece6529e3d1316372502fea44e4ef88df0e10fc6971a63deef8
libuser-debuginfo-0.56.13-8.el6_7.i686.rpm
    MD5: c00fc7c87d572772f3c26afb48d36bd9SHA-256: 73cf60f843aeb242ca5280b50bdd8248a36566ac74ac71be33311c84b5f318c7
libuser-devel-0.56.13-8.el6_7.i686.rpm
    MD5: 8a22dadf1690da7cf8c571163afc9526SHA-256: 5484ed6d9f39065e2b6b903689ced34500351e3243a5e1fbd9f372b8254f9aaa
libuser-python-0.56.13-8.el6_7.i686.rpm
    MD5: 050efffc30528b54202815e4a3b7f146SHA-256: 6d5c5ded41891ad81eaf4b39a5ccb33377e707580def7d9532bd5f6e43130ee5
 
x86_64:
libuser-0.56.13-8.el6_7.i686.rpm
    MD5: 12fc18264b25e4b48c5328e11dd97acbSHA-256: 4b5dd72605676ece6529e3d1316372502fea44e4ef88df0e10fc6971a63deef8
libuser-0.56.13-8.el6_7.x86_64.rpm
    MD5: be008fba06cd14ae4db09c35d1eb9dc7SHA-256: c603897048dae051740943becd06ddc732c157ae159f6be9b3c417a383aa9df2
libuser-debuginfo-0.56.13-8.el6_7.i686.rpm
    MD5: c00fc7c87d572772f3c26afb48d36bd9SHA-256: 73cf60f843aeb242ca5280b50bdd8248a36566ac74ac71be33311c84b5f318c7
libuser-debuginfo-0.56.13-8.el6_7.x86_64.rpm
    MD5: abfb0124b101425508f9b07ce69e5888SHA-256: 2bf675fe626655649efa6c1ffbc7d51e6add908c4298c0a399b267de987b067d
libuser-devel-0.56.13-8.el6_7.i686.rpm
    MD5: 8a22dadf1690da7cf8c571163afc9526SHA-256: 5484ed6d9f39065e2b6b903689ced34500351e3243a5e1fbd9f372b8254f9aaa
libuser-devel-0.56.13-8.el6_7.x86_64.rpm
    MD5: 94c7dd6dbd843ba5045d36b39ff123b9SHA-256: 53295f5abfa3a1e2054c3d328e7a1421480d7596c80649d0c7c940af7f0fde9a
libuser-python-0.56.13-8.el6_7.x86_64.rpm
    MD5: f14c3d5f363d4a2730cee7b13fe9b997SHA-256: 93b969eb23091ec10edf4c0f55553e53db4feb521d3ac2fc1101c4d0ea16936c
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
libuser-0.56.13-8.el6_7.src.rpm
    MD5: de394ea72038ff1d86a04b578d280733SHA-256: 58e03c09a9dd5ae2f1a968c601f5038f6d98437b1f374be882c61687e42fe8e1
 
x86_64:
libuser-0.56.13-8.el6_7.i686.rpm
    MD5: 12fc18264b25e4b48c5328e11dd97acbSHA-256: 4b5dd72605676ece6529e3d1316372502fea44e4ef88df0e10fc6971a63deef8
libuser-0.56.13-8.el6_7.x86_64.rpm
    MD5: be008fba06cd14ae4db09c35d1eb9dc7SHA-256: c603897048dae051740943becd06ddc732c157ae159f6be9b3c417a383aa9df2
libuser-debuginfo-0.56.13-8.el6_7.i686.rpm
    MD5: c00fc7c87d572772f3c26afb48d36bd9SHA-256: 73cf60f843aeb242ca5280b50bdd8248a36566ac74ac71be33311c84b5f318c7
libuser-debuginfo-0.56.13-8.el6_7.x86_64.rpm
    MD5: abfb0124b101425508f9b07ce69e5888SHA-256: 2bf675fe626655649efa6c1ffbc7d51e6add908c4298c0a399b267de987b067d
libuser-devel-0.56.13-8.el6_7.i686.rpm
    MD5: 8a22dadf1690da7cf8c571163afc9526SHA-256: 5484ed6d9f39065e2b6b903689ced34500351e3243a5e1fbd9f372b8254f9aaa
libuser-devel-0.56.13-8.el6_7.x86_64.rpm
    MD5: 94c7dd6dbd843ba5045d36b39ff123b9SHA-256: 53295f5abfa3a1e2054c3d328e7a1421480d7596c80649d0c7c940af7f0fde9a
libuser-python-0.56.13-8.el6_7.x86_64.rpm
    MD5: f14c3d5f363d4a2730cee7b13fe9b997SHA-256: 93b969eb23091ec10edf4c0f55553e53db4feb521d3ac2fc1101c4d0ea16936c
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
libuser-0.56.13-8.el6_7.src.rpm
    MD5: de394ea72038ff1d86a04b578d280733SHA-256: 58e03c09a9dd5ae2f1a968c601f5038f6d98437b1f374be882c61687e42fe8e1
 
IA-32:
libuser-0.56.13-8.el6_7.i686.rpm
    MD5: 12fc18264b25e4b48c5328e11dd97acbSHA-256: 4b5dd72605676ece6529e3d1316372502fea44e4ef88df0e10fc6971a63deef8
libuser-debuginfo-0.56.13-8.el6_7.i686.rpm
    MD5: c00fc7c87d572772f3c26afb48d36bd9SHA-256: 73cf60f843aeb242ca5280b50bdd8248a36566ac74ac71be33311c84b5f318c7
libuser-devel-0.56.13-8.el6_7.i686.rpm
    MD5: 8a22dadf1690da7cf8c571163afc9526SHA-256: 5484ed6d9f39065e2b6b903689ced34500351e3243a5e1fbd9f372b8254f9aaa
libuser-python-0.56.13-8.el6_7.i686.rpm
    MD5: 050efffc30528b54202815e4a3b7f146SHA-256: 6d5c5ded41891ad81eaf4b39a5ccb33377e707580def7d9532bd5f6e43130ee5
 
PPC:
libuser-0.56.13-8.el6_7.ppc.rpm
    MD5: 895a4462b941fb59684b88d2f94773c9SHA-256: d37c8a32094f8945a181aafeb284492f2b5ccde5f0f3c4fabb8a81287e61eb94
libuser-0.56.13-8.el6_7.ppc64.rpm
    MD5: 0df128fb91383b13c8481b748d36582fSHA-256: 6fcd50331547df7eb5f4a31d383136750bda0df9a657c2d671ac3e90db96bb95
libuser-debuginfo-0.56.13-8.el6_7.ppc.rpm
    MD5: 94b70fefd17cb3701bd4c284cede3f50SHA-256: 4bc7789a5d6af6f4e5096618d21290d97ec3b6ca875d4de0564f8a48636225d5
libuser-debuginfo-0.56.13-8.el6_7.ppc64.rpm
    MD5: 5961120dcce35f0013d3ddcefcdd0177SHA-256: 24b4fb7bf1afd464d7c87a1222ae2cf6b6f11ee892ff747bb9a53b9347321bd9
libuser-devel-0.56.13-8.el6_7.ppc.rpm
    MD5: 0a1721af45590c9df0643d7e06c26baeSHA-256: 95801361127480d41ee36a7c979ac7f77dfd9ff8cca411daaec9416a00ae274e
libuser-devel-0.56.13-8.el6_7.ppc64.rpm
    MD5: ffce5beee938b810af757bdeb3ec9490SHA-256: 02d7198d73949113f762464ac138c5776e652111d759d6d78ef1032581191ac9
libuser-python-0.56.13-8.el6_7.ppc64.rpm
    MD5: b5b871918c75d6f5062dceed707dfe5fSHA-256: fdd01f29d5b2096be6e3dd981970ff36c2055889ee71ea7bac4aad92debce4bb
 
s390x:
libuser-0.56.13-8.el6_7.s390.rpm
    MD5: ae7a0c8367424a2c6457ced96934b1e9SHA-256: ed68e1504c1eebcdf9ddc5d0c1eda48782b0c5ef87b9c8dc14885f3c9441a01e
libuser-0.56.13-8.el6_7.s390x.rpm
    MD5: 113bbaf85f0d34383d58c464ea659205SHA-256: beb3781399745b3407d1bdb6f75b99de7359ebd3a0c864f647e34a0234cf021a
libuser-debuginfo-0.56.13-8.el6_7.s390.rpm
    MD5: 83d3a9808c9f233a9aac419403722922SHA-256: f41bf91cde342616b5ff1a2bb349b6945fb6a1b5f29e2e80c91c654f26392e66
libuser-debuginfo-0.56.13-8.el6_7.s390x.rpm
    MD5: 373f32a293e121e318ae1c858beaa251SHA-256: ca1de691783717d60bbe05c62301e15dc1f67ff56f99481f568e0a5ae9171b8b
libuser-devel-0.56.13-8.el6_7.s390.rpm
    MD5: 559a63fa75027ff028c81095f7f5013bSHA-256: c183e2fb7c351539abcc6c59cfab769980fb8467e0434e19e6d120ff9a74038e
libuser-devel-0.56.13-8.el6_7.s390x.rpm
    MD5: 9cfb5dcc6f05f04e0f53d102c61db74fSHA-256: 377ccba55cac21594c79f92cddf6ba17299044ab15392315dadaef5c8787b6dc
libuser-python-0.56.13-8.el6_7.s390x.rpm
    MD5: 398563c79af580ce317e20744eb572b9SHA-256: 7619b2d2f98660c1de0c9f51c4095b1fb0db8f878b3510727ec3bbc2fe8c18b6
 
x86_64:
libuser-0.56.13-8.el6_7.i686.rpm
    MD5: 12fc18264b25e4b48c5328e11dd97acbSHA-256: 4b5dd72605676ece6529e3d1316372502fea44e4ef88df0e10fc6971a63deef8
libuser-0.56.13-8.el6_7.x86_64.rpm
    MD5: be008fba06cd14ae4db09c35d1eb9dc7SHA-256: c603897048dae051740943becd06ddc732c157ae159f6be9b3c417a383aa9df2
libuser-debuginfo-0.56.13-8.el6_7.i686.rpm
    MD5: c00fc7c87d572772f3c26afb48d36bd9SHA-256: 73cf60f843aeb242ca5280b50bdd8248a36566ac74ac71be33311c84b5f318c7
libuser-debuginfo-0.56.13-8.el6_7.x86_64.rpm
    MD5: abfb0124b101425508f9b07ce69e5888SHA-256: 2bf675fe626655649efa6c1ffbc7d51e6add908c4298c0a399b267de987b067d
libuser-devel-0.56.13-8.el6_7.i686.rpm
    MD5: 8a22dadf1690da7cf8c571163afc9526SHA-256: 5484ed6d9f39065e2b6b903689ced34500351e3243a5e1fbd9f372b8254f9aaa
libuser-devel-0.56.13-8.el6_7.x86_64.rpm
    MD5: 94c7dd6dbd843ba5045d36b39ff123b9SHA-256: 53295f5abfa3a1e2054c3d328e7a1421480d7596c80649d0c7c940af7f0fde9a
libuser-python-0.56.13-8.el6_7.x86_64.rpm
    MD5: f14c3d5f363d4a2730cee7b13fe9b997SHA-256: 93b969eb23091ec10edf4c0f55553e53db4feb521d3ac2fc1101c4d0ea16936c
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
libuser-0.56.13-8.el6_7.src.rpm
    MD5: de394ea72038ff1d86a04b578d280733SHA-256: 58e03c09a9dd5ae2f1a968c601f5038f6d98437b1f374be882c61687e42fe8e1
 
IA-32:
libuser-0.56.13-8.el6_7.i686.rpm
    MD5: 12fc18264b25e4b48c5328e11dd97acbSHA-256: 4b5dd72605676ece6529e3d1316372502fea44e4ef88df0e10fc6971a63deef8
libuser-debuginfo-0.56.13-8.el6_7.i686.rpm
    MD5: c00fc7c87d572772f3c26afb48d36bd9SHA-256: 73cf60f843aeb242ca5280b50bdd8248a36566ac74ac71be33311c84b5f318c7
libuser-devel-0.56.13-8.el6_7.i686.rpm
    MD5: 8a22dadf1690da7cf8c571163afc9526SHA-256: 5484ed6d9f39065e2b6b903689ced34500351e3243a5e1fbd9f372b8254f9aaa
libuser-python-0.56.13-8.el6_7.i686.rpm
    MD5: 050efffc30528b54202815e4a3b7f146SHA-256: 6d5c5ded41891ad81eaf4b39a5ccb33377e707580def7d9532bd5f6e43130ee5
 
x86_64:
libuser-0.56.13-8.el6_7.i686.rpm
    MD5: 12fc18264b25e4b48c5328e11dd97acbSHA-256: 4b5dd72605676ece6529e3d1316372502fea44e4ef88df0e10fc6971a63deef8
libuser-0.56.13-8.el6_7.x86_64.rpm
    MD5: be008fba06cd14ae4db09c35d1eb9dc7SHA-256: c603897048dae051740943becd06ddc732c157ae159f6be9b3c417a383aa9df2
libuser-debuginfo-0.56.13-8.el6_7.i686.rpm
    MD5: c00fc7c87d572772f3c26afb48d36bd9SHA-256: 73cf60f843aeb242ca5280b50bdd8248a36566ac74ac71be33311c84b5f318c7
libuser-debuginfo-0.56.13-8.el6_7.x86_64.rpm
    MD5: abfb0124b101425508f9b07ce69e5888SHA-256: 2bf675fe626655649efa6c1ffbc7d51e6add908c4298c0a399b267de987b067d
libuser-devel-0.56.13-8.el6_7.i686.rpm
    MD5: 8a22dadf1690da7cf8c571163afc9526SHA-256: 5484ed6d9f39065e2b6b903689ced34500351e3243a5e1fbd9f372b8254f9aaa
libuser-devel-0.56.13-8.el6_7.x86_64.rpm
    MD5: 94c7dd6dbd843ba5045d36b39ff123b9SHA-256: 53295f5abfa3a1e2054c3d328e7a1421480d7596c80649d0c7c940af7f0fde9a
libuser-python-0.56.13-8.el6_7.x86_64.rpm
    MD5: f14c3d5f363d4a2730cee7b13fe9b997SHA-256: 93b969eb23091ec10edf4c0f55553e53db4feb521d3ac2fc1101c4d0ea16936c
 
(The unlinked packages above are only available from the Red Hat Network)
1233043 – CVE-2015-3245 libuser does not filter newline characters in the GECOS field1233052 – CVE-2015-3246 libuser: Security flaw in handling /etc/passwd file

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply