- Issued:
- 2014-10-13
- Updated:
- 2014-10-13
RHBA-2014:1522 - shadow-utils bug fix update
Synopsis
shadow-utils bug fix update
Type/Severity
Bug Fix Advisory (none)
Topic
Updated shadow-utils packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
Description
The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts.
This update fixes the following bugs:
-
Previously, pwconv and grpconv utilities improperly parsed respective shadow and gshadow files with errors. Consequently, when writing corrected shadow and gshadow files, only the first error on two consecutive erroneous lines was corrected. With this update, pwconv and grpconv parse the files with errors correctly, and all lines are corrected in the newly written files. (BZ#787742)
-
Due to a bug in code parsing in the /etc/group file, the useradd command could terminate unexpectedly with a segmentation fault when merging group entries. The parsing code has been fixed, and useradd now correctly merges group entries. (BZ#890222)
-
Previously, the useradd command assigned the SELinux user to the new user being created after creating and populating the home directory of the user. Consequently, the SELinux contexts of the home directory files were incorrect. With this update, the SELinux user is assigned to the newly created user before populating the home directory, and the SELinux contexts on the home directory files for newly created users are now correct. (BZ#955769)
-
Due to improper detection of invalid date specification in the chage command, chage did not fail when used with invalid date specification. With this update, the code of chage properly detects invalid date specification, and fails if an invalid date is specified. (BZ#956742)
-
Prior to this update, the chage command incorrectly handled date in the format of "[month] DD YYYY" as "[month] DD hhmm". As a consequence, if chage was used with such date specification, the date was set to an unexpected value. The updated chage code correctly handles date in the aforementioned format. As a result, if chage is used with such date specification, the date is set to an expected value. (BZ#957782)
-
Previously, the newgrp command always tried to find a group with a matching group ID (GID) within all the groups on the system. If the groups were stored on the LDAP server, it caused large data to be pulled from the LDAP server on each invocation of newgrp. The underlying source code has been fixed, and newgrp no longer tries to find a matching group among all the groups on the system if the user is a member of the group specified on the command line. Thus no extra data is pulled from the LDAP server. (BZ#993049)
-
The usermod code handled improperly the creation of a new entry in the /etc/shadow file. As a consequence, the "usermod -p" command failed to set the new password if the entry in the /etc/shadow file was missing. The updated usermod code properly creates a new entry in /etc/shadow if it is missing, and the "usermod -p" command sets the new password correctly even if the user's entry in /etc/shadow is missing. (BZ#1016516)
Users of shadow-utils are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- shadow-utils-debuginfo-4.1.4.2-19.el6.i686.rpm
- shadow-utils-4.1.4.2-19.el6.src.rpm
- shadow-utils-debuginfo-4.1.4.2-19.el6.ppc64.rpm
- shadow-utils-4.1.4.2-19.el6.i686.rpm
- shadow-utils-debuginfo-4.1.4.2-19.el6.x86_64.rpm
- shadow-utils-4.1.4.2-19.el6.x86_64.rpm
- shadow-utils-debuginfo-4.1.4.2-19.el6.s390x.rpm
- shadow-utils-4.1.4.2-19.el6.ppc64.rpm
- shadow-utils-4.1.4.2-19.el6.s390x.rpm
Fixes
- This content is not included.BZ - 787742
- This content is not included.BZ - 882272
- This content is not included.BZ - 955769
- This content is not included.BZ - 1011230
- This content is not included.BZ - 1016516
- This content is not included.BZ - 1089666
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.