- Issued:
- 2007-05-01
- Updated:
- 2007-05-01
RHEA-2007:0259 - Product Enhancement Advisory
Synopsis
cracklib enhancement update
Type/Severity
Product Enhancement Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated cracklib packages are now available.
Description
CrackLib tests passwords to determine whether they match certain
security-oriented characteristics, with the purpose of stopping users
from choosing passwords that are easy to guess. CrackLib performs
several tests on passwords: it tries to generate words from a username
and gecos entry and checks those words against the password; it checks
for simplistic patterns in passwords; and it checks for the password
in a dictionary.
Prior versions of the cracklib library were incorrectly built for 64-bit
platforms, resulting in different binary formats for cracklib dictionaries
for 32- and 64-bit systems. This update includes modifications which
correct the differences in the binary formats, and includes compatibility
code which allows use of older, incorrectly-generated libraries.
Multiple 'words' (mostly keyboard-pattern strings) were added to the
cracklibs-dicts package default dictionary
A bug in the cracklib python module which made it difficult to check
password quality using a dictionary other than the default has been corrected.
Users are advised to upgrade to these updated cracklib packages, which
resolve these issues.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 185314 - Too weak dictionary for cracklib?
- BZ - 225860 - python binding behaves poorly when specifying dictpath
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
| SRPM | |
|---|---|
| cracklib-2.8.9-1.3.src.rpm | SHA-256: 616ebd6346901ba82c40fff2e524d2eab78250a8f38ce03b84af16dbce7aa409 |
| x86_64 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.x86_64.rpm | SHA-256: 66516f2f5e35e04aaa5d68aa6c2a18fc723aecae639cbafabbd7088743971c02 |
| cracklib-2.8.9-1.3.x86_64.rpm | SHA-256: 66516f2f5e35e04aaa5d68aa6c2a18fc723aecae639cbafabbd7088743971c02 |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.x86_64.rpm | SHA-256: 400e3850d2d261a68d59dc821d0d9c6397e5aab9dcd45eac2d67d9472525e797 |
| cracklib-dicts-2.8.9-1.3.x86_64.rpm | SHA-256: 400e3850d2d261a68d59dc821d0d9c6397e5aab9dcd45eac2d67d9472525e797 |
| ia64 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.ia64.rpm | SHA-256: a0c6731c28fe2aacb11107331bce3ee5b8dd48db23ba55c4334fa92058d6363e |
| cracklib-2.8.9-1.3.ia64.rpm | SHA-256: a0c6731c28fe2aacb11107331bce3ee5b8dd48db23ba55c4334fa92058d6363e |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.ia64.rpm | SHA-256: 0fe2383c5f8d32976dea5c77a6b5dda2d82eddfee3e2bd813cb149b85ce4bfbc |
| cracklib-dicts-2.8.9-1.3.ia64.rpm | SHA-256: 0fe2383c5f8d32976dea5c77a6b5dda2d82eddfee3e2bd813cb149b85ce4bfbc |
| i386 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
Red Hat Enterprise Linux Workstation 4
| SRPM | |
|---|---|
| cracklib-2.8.9-1.3.src.rpm | SHA-256: 616ebd6346901ba82c40fff2e524d2eab78250a8f38ce03b84af16dbce7aa409 |
| x86_64 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.x86_64.rpm | SHA-256: 66516f2f5e35e04aaa5d68aa6c2a18fc723aecae639cbafabbd7088743971c02 |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.x86_64.rpm | SHA-256: 400e3850d2d261a68d59dc821d0d9c6397e5aab9dcd45eac2d67d9472525e797 |
| ia64 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.ia64.rpm | SHA-256: a0c6731c28fe2aacb11107331bce3ee5b8dd48db23ba55c4334fa92058d6363e |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.ia64.rpm | SHA-256: 0fe2383c5f8d32976dea5c77a6b5dda2d82eddfee3e2bd813cb149b85ce4bfbc |
| i386 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
Red Hat Enterprise Linux Desktop 4
| SRPM | |
|---|---|
| cracklib-2.8.9-1.3.src.rpm | SHA-256: 616ebd6346901ba82c40fff2e524d2eab78250a8f38ce03b84af16dbce7aa409 |
| x86_64 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-2.8.9-1.3.x86_64.rpm | SHA-256: 66516f2f5e35e04aaa5d68aa6c2a18fc723aecae639cbafabbd7088743971c02 |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
| cracklib-dicts-2.8.9-1.3.x86_64.rpm | SHA-256: 400e3850d2d261a68d59dc821d0d9c6397e5aab9dcd45eac2d67d9472525e797 |
| i386 | |
| cracklib-2.8.9-1.3.i386.rpm | SHA-256: f8bde08cd5c8b4ed5670da0040fd9036237bf212bdd82b3a53182d8868c3a87d |
| cracklib-dicts-2.8.9-1.3.i386.rpm | SHA-256: b70bb2213522c99a1b8e3b84c7ca267dce790b71cd75cf8d37ca43bcafbe4a7c |
Red Hat Enterprise Linux for IBM z Systems 4
| SRPM | |
|---|---|
| cracklib-2.8.9-1.3.src.rpm | SHA-256: 616ebd6346901ba82c40fff2e524d2eab78250a8f38ce03b84af16dbce7aa409 |
| s390x | |
| cracklib-2.8.9-1.3.s390.rpm | SHA-256: c1d4798a369cc058bd8c432e5a8159dcd07d4b8baeb11ac4db38e4066ae268e9 |
| cracklib-2.8.9-1.3.s390x.rpm | SHA-256: eb54342ba97feacb62f2789d193e549488c128468cdde214d0e80637006ca079 |
| cracklib-dicts-2.8.9-1.3.s390.rpm | SHA-256: 482ba9b875a677e029045be4f9f0fb1f3b56924db32ab5810d2d92446b1459ac |
| cracklib-dicts-2.8.9-1.3.s390x.rpm | SHA-256: c62bda9a12dc6d088bb99aa2b310ff3524c62e6f07fbbcc7d210f6c9c90d4753 |
| s390 | |
| cracklib-2.8.9-1.3.s390.rpm | SHA-256: c1d4798a369cc058bd8c432e5a8159dcd07d4b8baeb11ac4db38e4066ae268e9 |
| cracklib-dicts-2.8.9-1.3.s390.rpm | SHA-256: 482ba9b875a677e029045be4f9f0fb1f3b56924db32ab5810d2d92446b1459ac |
Red Hat Enterprise Linux for Power, big endian 4
| SRPM | |
|---|---|
| cracklib-2.8.9-1.3.src.rpm | SHA-256: 616ebd6346901ba82c40fff2e524d2eab78250a8f38ce03b84af16dbce7aa409 |
| ppc | |
| cracklib-2.8.9-1.3.ppc.rpm | SHA-256: c4a77d4d9800ee5690cb0bebc5055a51609835af1b34e5d669407200a049052b |
| cracklib-2.8.9-1.3.ppc64.rpm | SHA-256: 550b6a87bf3c68aa46279ac5daecaffcd7518f52aa9311ce94f6d6ee51aba443 |
| cracklib-dicts-2.8.9-1.3.ppc.rpm | SHA-256: 439e42121aba55f6a82dfa1eadcfae9f89356506204746f43d0761f419917423 |
| cracklib-dicts-2.8.9-1.3.ppc64.rpm | SHA-256: e77f459a5c1c2ec5b755f3a189481de0a9ba04716046ade976fe543b2d2010e0 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
