Download
| Alert*
|
oval:org.secpod.oval:def:89044967
This update for sssd provides the following fixes: Security issues fixed: - CVE-2017-12173: Fixed unsanitized input when searching in local cache database . Non security issues fixed: - Fixed a segfault issue in ldap_rfc_2307_fallback_to_local_users. - Install /var/lib/sss/mc directory to correct s ... oval:org.secpod.oval:def:89044010 libsss_sudo is installed oval:org.secpod.oval:def:507502 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:1506376 [1.16.5-10.0.3] - Revert Redhat"s change of disallowing duplicated incomplete gid when id_provider=ldap is used, which caused regression in AD environment. [Orabug: 29286774] [Doc ID 2605732.1] [1.16.5-10.15] - Resolves: rhbz#2149703 - smartcards: special characters must be escaped when building sea ... oval:org.secpod.oval:def:89044005 This update for adcli and sssd provides the following improvement: Security vulnerability fixed: - CVE-2019-3811: Fix fallback_homedir returning "/" for empty home directories Other fixes: - Add an option to disable checking for trusted domains in the subdomains provider - Clear pid file in corner ... oval:org.secpod.oval:def:1701234 A vulnerability was found in SSSD, in the libsss_certmap functionality. PKINIT enables a client to authenticate to the KDC using an X.509 certificate and the corresponding private key, rather than a passphrase or keytab. FreeIPA uses mapping rules to map a certificate presented during a PKINIT authe ... oval:org.secpod.oval:def:4500050 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:2500515 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:506330 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:205889 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:1505068 [2.4.0-9.0.1] - Restore default debug level for sss_cache [Orabug: 32810448] - Restore default debug level for shadow-utils tools [Orabug: 32810448] - Revert Redhat"s change of disallowing duplicated incomplete gid when id_provider=ldap is used, which caused regression in AD environment. [Orabug: 29 ... oval:org.secpod.oval:def:1700722 A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat ... oval:org.secpod.oval:def:509296 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... oval:org.secpod.oval:def:2501463 The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to ... |
