Описание
ELSA-2021-1846: idm:DL1 and idm:client security, bug fix, and enhancement update (MODERATE)
bind-dyndb-ldap [11.6-2]
- Rebuild against bind 9.11.26
- Resolves: rhbz#1904612
[11.6-1]
- New upstream release
- Resolves: rhbz#1891735
ipa [4.9.2-3.0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
[4.9.2-3]
- ipa-client-install displays false message 'sudo binary does not seem to be present on this system' Resolves: RHBZ#1939371
[4.9.2-2]
- Sync ipatests from upstream to RHEL packages for FreeIPA 4.9 branch Resolves: RHBZ#1932289
- Fix krb5kdc is crashing intermittently on IPA server Resolves: RHBZ#1932784
[4.9.2-1]
- Upstream release FreeIPA 4.9.2 Related: RHBZ#1891832
opendnssec [2.1.7-1]
- Upstream release 2.1.7
- Resolves: rhbz#1904484
softhsm [2.6.0-5]
- Install prever devel package requirements for new negative option patch Related: RHBZ#1857272
[2.6.0-4]
- Fixes: rhbz#1857272 - negative option for token.mechanism not working correctly
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module idm:DL1 is enabled
bind-dyndb-ldap
11.6-2.module+el8.4.0+20088+3d202164
custodia
0.6.0-3.module+el8.3.0+7868+2151076c
ipa-client
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-epn
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-samba
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-healthcheck
0.7-3.module+el8.4.0+20088+3d202164
ipa-healthcheck-core
0.7-3.module+el8.4.0+20088+3d202164
ipa-python-compat
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-selinux
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-dns
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-trust-ad
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
opendnssec
2.1.7-1.module+el8.4.0+20088+3d202164
python3-custodia
0.6.0-3.module+el8.3.0+7868+2151076c
python3-ipaclient
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipalib
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipaserver
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipatests
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-jwcrypto
0.5.0-1.module+el8.3.0+7868+2151076c
python3-kdcproxy
0.4-5.module+el8.3.0+7868+2151076c
python3-pyusb
1.0.0-9.module+el8.3.0+7868+2151076c
python3-qrcode
5.1-12.module+el8.3.0+7868+2151076c
python3-qrcode-core
5.1-12.module+el8.3.0+7868+2151076c
python3-yubico
1.3.2-9.module+el8.3.0+7868+2151076c
slapi-nis
0.56.6-2.module+el8.4.0+20174+ae9fc984
softhsm
2.6.0-5.module+el8.4.0+20161+5ecb5b37
softhsm-devel
2.6.0-5.module+el8.4.0+20161+5ecb5b37
Module idm:client is enabled
ipa-client
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-client-common
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-client-epn
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-client-samba
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-common
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-healthcheck-core
0.7-3.module+el8.4.0+20089+f3f9be88
ipa-python-compat
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-selinux
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
python3-ipaclient
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
python3-ipalib
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
python3-jwcrypto
0.5.0-1.module+el8.3.0+7867+49938b5b
python3-pyusb
1.0.0-9.module+el8.3.0+7867+49938b5b
python3-qrcode
5.1-12.module+el8.3.0+7867+49938b5b
python3-qrcode-core
5.1-12.module+el8.3.0+7867+49938b5b
python3-yubico
1.3.2-9.module+el8.3.0+7867+49938b5b
Oracle Linux x86_64
Module idm:DL1 is enabled
bind-dyndb-ldap
11.6-2.module+el8.4.0+20088+3d202164
custodia
0.6.0-3.module+el8.3.0+7868+2151076c
ipa-client
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-epn
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-client-samba
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-healthcheck
0.7-3.module+el8.4.0+20088+3d202164
ipa-healthcheck-core
0.7-3.module+el8.4.0+20088+3d202164
ipa-python-compat
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-selinux
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-common
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-dns
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
ipa-server-trust-ad
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
opendnssec
2.1.7-1.module+el8.4.0+20088+3d202164
python3-custodia
0.6.0-3.module+el8.3.0+7868+2151076c
python3-ipaclient
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipalib
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipaserver
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-ipatests
4.9.2-3.0.1.module+el8.4.0+20161+5ecb5b37
python3-jwcrypto
0.5.0-1.module+el8.3.0+7868+2151076c
python3-kdcproxy
0.4-5.module+el8.3.0+7868+2151076c
python3-pyusb
1.0.0-9.module+el8.3.0+7868+2151076c
python3-qrcode
5.1-12.module+el8.3.0+7868+2151076c
python3-qrcode-core
5.1-12.module+el8.3.0+7868+2151076c
python3-yubico
1.3.2-9.module+el8.3.0+7868+2151076c
slapi-nis
0.56.6-2.module+el8.4.0+20174+ae9fc984
softhsm
2.6.0-5.module+el8.4.0+20161+5ecb5b37
softhsm-devel
2.6.0-5.module+el8.4.0+20161+5ecb5b37
Module idm:client is enabled
ipa-client
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-client-common
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-client-epn
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-client-samba
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-common
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-healthcheck-core
0.7-3.module+el8.4.0+20089+f3f9be88
ipa-python-compat
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
ipa-selinux
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
python3-ipaclient
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
python3-ipalib
4.9.2-3.0.1.module+el8.4.0+20162+a92f1bfa
python3-jwcrypto
0.5.0-1.module+el8.3.0+7867+49938b5b
python3-pyusb
1.0.0-9.module+el8.3.0+7867+49938b5b
python3-qrcode
5.1-12.module+el8.3.0+7867+49938b5b
python3-qrcode-core
5.1-12.module+el8.3.0+7867+49938b5b
python3-yubico
1.3.2-9.module+el8.3.0+7867+49938b5b
Связанные CVE
Связанные уязвимости
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...
