4.214. pam

Updated pam packages that add one enhancement are now available for Red Hat Enterprise Linux.
Pluggable Authentication Modules (PAM) provide a system for administrators to set up authentication policies without the need to recompile programs to handle authentication.

Enhancement

BZ#727286
With this update, the libraries are recompiled with the partial read only relocation (RELRO) flag to enhance the security of applications that use the libraries.
All pam users are advised to upgrade to these updated packages, which add this enhancement.
Updated pam packages that add one enhancement are now available for Red Hat Enterprise Linux 6.
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Enhancement

BZ#809370
The pam_cracklib is a PAM module for password-quality checking used by various applications. With this update, the pam_cracklib module has been improved with additional password-quality checks. The pam_cracklib module now allows to check whether a new password contains the words from the GECOS field from entries in the "/etc/passwd" file. The GECOS field is used to store additional information about the user, such as the user's full name or a phone number, which could be used by an attacker for an attempt to crack the password. The pam_cracklib module now also allows to specify the maximum allowed number of consecutive characters of the same class (lowercase, uppercase, number and special characters) in a password.
All users of pam are advised to upgrade to these updated packages, which add this enhancement.