[SECURITY] Fedora 30 Update: pam-u2f-1.0.8-1.fc30

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-b6d3c8b0a8 2019-06-19 22:44:22.998271 -------------------------------------------------------------------------------- Name : pam-u2f Product : Fedora 30 Version : 1.0.8 Release : 1.fc30 URL : https://developers.yubico.com/pam-u2f/ Summary : Implements PAM authentication over U2F Description : The PAM U2F module provides an easy way to integrate the Yubikey (or other U2F-compliant authenticators) into your existing user authentication infrastructure. -------------------------------------------------------------------------------- Update Information: New upstream release Fixes Debug file descriptor leak CVE-2019-1221 Fixes insecure debug file handling CVE-2019-1220 -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 5 2019 Seth Jennings <spartacus06(a)gmail.com&gt; - 1.0.8-1 - New upstream release - Fixes Debug file descriptor leak CVE-2019-1221 - Fixes insecure debug file handling CVE-2019-1220 - resolves: #1717326 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1717326 - Debug file descriptor leak CVE-2019-1221 and insecure debug file handling CVE-2019-12209 https://bugzilla.redhat.com/show_bug.cgi?id=1717326 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-b6d3c8b0a8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------