0972f61 Fix incorrect PAM configuration with SSSD (CVE-2017-7488).

Authored and Committed by tmraz 3 years ago
1 file changed. 18 lines added. 4 lines removed.
    Fix incorrect PAM configuration with SSSD (CVE-2017-7488).
    
    The PAM configuration that authconfig previously generated since
    the release 7.0.0 when pam_sss was enabled caused information
    about the presence or non-presence of user account on the system
    to be leaked via different prompting and/or timing.
    
    The 'authconfig --updateall' must be run to enforce regeneration
    of the PAM configuration files to fix the incorrect configuration.
    
        
file modified
+18 -4