Download
| Alert*
|
oval:org.secpod.oval:def:4500050
The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:1601671 A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat ... oval:org.secpod.oval:def:706127 sssd: System Security Services Daemon Several security issues were fixed in sssd. oval:org.secpod.oval:def:120649 Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services ... oval:org.secpod.oval:def:506330 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:75889 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:1601477 A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat ... oval:org.secpod.oval:def:1505099 [1.16.5-10.0.1] - Revert Redhat"s change of disallowing duplicated incomplete gid when id_provider=ldap is used, which caused regression in AD environment. [Orabug: 29286774] [Doc ID 2605732.1] [1.16.5-10.10] - Resolves: rhbz#1973796 - SSSD is NOT able to contact the Global Catalog when local site i ... oval:org.secpod.oval:def:89046239 This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands . - Add LDAPS support for the AD provider . Non-security fixes: - Fixed a crash caused by calling dbus_watch_handle with a corrupted memory value ... oval:org.secpod.oval:def:205889 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:89047646 This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommand . - Add "ldap_ignore_unreadable_references" parameter to skip unreadable objects referenced by "member" attributte - Fix 32-bit libraries package. ... oval:org.secpod.oval:def:89047200 This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands . - Add LDAPS support for the AD provider . - Improve logs to record the reason why internal watchdog terminates a process . - Fix watchdog not te ... oval:org.secpod.oval:def:120671 Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services ... oval:org.secpod.oval:def:75919 sssd: System Security Services Daemon Several security issues were fixed in sssd. oval:org.secpod.oval:def:75915 sssd: System Security Services Daemon Several security issues were fixed in sssd. oval:org.secpod.oval:def:2500515 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:74786 sssd: System Security Services Daemon Several security issues were fixed in sssd. oval:org.secpod.oval:def:506303 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:1505068 [2.4.0-9.0.1] - Restore default debug level for sss_cache [Orabug: 32810448] - Restore default debug level for shadow-utils tools [Orabug: 32810448] - Revert Redhat"s change of disallowing duplicated incomplete gid when id_provider=ldap is used, which caused regression in AD environment. [Orabug: 29 ... oval:org.secpod.oval:def:1700722 A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat ... oval:org.secpod.oval:def:89045572 This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands . oval:org.secpod.oval:def:89046122 This update for sssd fixes the following issues: Security issues fixed: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands . Non-security issues fixed: - Create timestamp attribute in cache objects if missing. - Add "ldap_ignore_unreadable_refer ... oval:org.secpod.oval:def:3301297 SUSE Security Update: Security update for sssd |
