Synopsis: Important: libuser security update Advisory ID: SLSA-2015:1482-1 Issue Date: 2015-07-23 CVE Numbers: CVE-2015-3245 CVE-2015-3246 -- Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser (for example, userhelper) to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root. (CVE-2015-3245, CVE-2015-3246) -- SL6 x86_64 libuser-0.56.13-8.el6_7.i686.rpm libuser-0.56.13-8.el6_7.x86_64.rpm libuser-debuginfo-0.56.13-8.el6_7.i686.rpm libuser-debuginfo-0.56.13-8.el6_7.x86_64.rpm libuser-python-0.56.13-8.el6_7.x86_64.rpm libuser-devel-0.56.13-8.el6_7.i686.rpm libuser-devel-0.56.13-8.el6_7.x86_64.rpm i386 libuser-0.56.13-8.el6_7.i686.rpm libuser-debuginfo-0.56.13-8.el6_7.i686.rpm libuser-python-0.56.13-8.el6_7.i686.rpm libuser-devel-0.56.13-8.el6_7.i686.rpm - Scientific Linux Development Team