-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-724f4733e9 2021-12-14 00:55:44.738936 --------------------------------------------------------------------------------
Name : pam-u2f Product : Fedora 34 Version : 1.2.0 Release : 2.fc34 URL : https://github.com/Yubico/pam-u2f Summary : Implements PAM authentication over U2F Description : The PAM U2F module provides an easy way to integrate the Yubikey (or other U2F-compliant authenticators) into your existing user authentication infrastructure.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2021-31924 -------------------------------------------------------------------------------- ChangeLog:
* Sun Dec 5 2021 Gary Buhrmaster gary.buhrmaster@gmail.com - 1.2.0-2 - Update changelog to reflect security related issues/tickets - Fixes CVE-2021-31924 - Fixes rhbz#2028244 - Fixes rhbz#2028245 * Mon Nov 8 2021 Gary Burhmaster gary.buhrmaster@gmail.com - 1.2.0-1 - Update to 1.2.0 upstream release (#1993435) - Support (optional) autoreconf invokation if needed for patches - Migrate to pkgconfig for BR per packaging guidelines * Thu Jul 22 2021 Fedora Release Engineering releng@fedoraproject.org - 1.0.8-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Sat Jul 10 2021 Bj��rn Esser besser82@fedoraproject.org - 1.0.8-7 - Rebuild for versioned symbols in json-c -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2028244 - CVE-2021-31924 pam-u2f: Logic issue may lead to local PIN bypass https://bugzilla.redhat.com/show_bug.cgi?id=2028244 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-724f4733e9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------