Описание
ELSA-2024-3267: idm:DL1 and idm:client security update (MODERATE)
bind-dyndb-ldap custodia ipa [4.9.13-9.0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
[9.4.13-9]
- dcerpc: invalidate forest trust intfo cache when filtering out realm domains Resolves: RHEL-28559
- Backport latests test fixes in python3-tests ipatests: add xfail for autoprivate group test with override ipatests: remove xfail thanks to sssd 2.9.4 ipatests: adapt for new automembership fixup behavior ipatests: Fixes for test_ipahealthcheck_ipansschainvalidation testcases test_xmlrpc: adopt to automember plugin message changes in 389-ds Resolves: RHEL-29908
ipa-healthcheck opendnssec python-jwcrypto [0.5.0-2]
- Address potential DoS with high compression ratio Resolves: RHEL-28697
- Limit number of iterations for PBES Resolves: RHEL-23036 RHEL-23037
python-kdcproxy python-qrcode python-yubico pyusb slapi-nis softhsm
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module idm:DL1 is enabled
bind-dyndb-ldap
11.6-5.module+el8.10.0+90339+985471f7
custodia
0.6.0-3.module+el8.9.0+90094+20819f5a
ipa-client
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-client-common
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-client-epn
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-client-samba
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-common
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-healthcheck
0.12-3.module+el8.9.0+90094+20819f5a
ipa-healthcheck-core
0.12-3.module+el8.9.0+90094+20819f5a
ipa-python-compat
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-selinux
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server-common
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server-dns
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server-trust-ad
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
opendnssec
2.1.7-1.module+el8.9.0+90094+20819f5a
python3-custodia
0.6.0-3.module+el8.9.0+90094+20819f5a
python3-ipaclient
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-ipalib
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-ipaserver
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-ipatests
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-jwcrypto
0.5.0-2.module+el8.10.0+90339+985471f7
python3-kdcproxy
0.4-5.module+el8.9.0+90122+3305dc1d
python3-pyusb
1.0.0-9.1.module+el8.9.0+90094+20819f5a
python3-qrcode
5.1-12.module+el8.9.0+90094+20819f5a
python3-qrcode-core
5.1-12.module+el8.9.0+90094+20819f5a
python3-yubico
1.3.2-9.1.module+el8.9.0+90094+20819f5a
slapi-nis
0.60.0-4.module+el8.10.0+90297+bfe93ccc
softhsm
2.6.0-5.module+el8.9.0+90094+20819f5a
softhsm-devel
2.6.0-5.module+el8.9.0+90094+20819f5a
Module idm:client is enabled
ipa-client
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-client-common
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-client-epn
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-client-samba
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-common
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-healthcheck-core
0.12-3.module+el8.9.0+90095+d672673c
ipa-python-compat
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-selinux
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
python3-ipaclient
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
python3-ipalib
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
python3-jwcrypto
0.5.0-2.module+el8.10.0+90340+9faa45ba
python3-pyusb
1.0.0-9.1.module+el8.9.0+90095+d672673c
python3-qrcode
5.1-12.module+el8.9.0+90095+d672673c
python3-qrcode-core
5.1-12.module+el8.9.0+90095+d672673c
python3-yubico
1.3.2-9.1.module+el8.9.0+90095+d672673c
Oracle Linux x86_64
Module idm:DL1 is enabled
bind-dyndb-ldap
11.6-5.module+el8.10.0+90339+985471f7
custodia
0.6.0-3.module+el8.9.0+90094+20819f5a
ipa-client
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-client-common
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-client-epn
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-client-samba
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-common
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-healthcheck
0.12-3.module+el8.9.0+90094+20819f5a
ipa-healthcheck-core
0.12-3.module+el8.9.0+90094+20819f5a
ipa-python-compat
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-selinux
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server-common
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server-dns
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
ipa-server-trust-ad
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
opendnssec
2.1.7-1.module+el8.9.0+90094+20819f5a
python3-custodia
0.6.0-3.module+el8.9.0+90094+20819f5a
python3-ipaclient
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-ipalib
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-ipaserver
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-ipatests
4.9.13-9.0.1.module+el8.10.0+90339+985471f7
python3-jwcrypto
0.5.0-2.module+el8.10.0+90339+985471f7
python3-kdcproxy
0.4-5.module+el8.9.0+90122+3305dc1d
python3-pyusb
1.0.0-9.1.module+el8.9.0+90094+20819f5a
python3-qrcode
5.1-12.module+el8.9.0+90094+20819f5a
python3-qrcode-core
5.1-12.module+el8.9.0+90094+20819f5a
python3-yubico
1.3.2-9.1.module+el8.9.0+90094+20819f5a
slapi-nis
0.60.0-4.module+el8.10.0+90297+bfe93ccc
softhsm
2.6.0-5.module+el8.9.0+90094+20819f5a
softhsm-devel
2.6.0-5.module+el8.9.0+90094+20819f5a
Module idm:client is enabled
ipa-client
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-client-common
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-client-epn
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-client-samba
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-common
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-healthcheck-core
0.12-3.module+el8.9.0+90095+d672673c
ipa-python-compat
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
ipa-selinux
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
python3-ipaclient
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
python3-ipalib
4.9.13-9.0.1.module+el8.10.0+90340+9faa45ba
python3-jwcrypto
0.5.0-2.module+el8.10.0+90340+9faa45ba
python3-pyusb
1.0.0-9.1.module+el8.9.0+90095+d672673c
python3-qrcode
5.1-12.module+el8.9.0+90095+d672673c
python3-qrcode-core
5.1-12.module+el8.9.0+90095+d672673c
python3-yubico
1.3.2-9.1.module+el8.9.0+90095+d672673c
Связанные CVE
Связанные уязвимости
A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack.
A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack.
A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack.
A vulnerability was found in JWCrypto. This flaw allows an attacker to ...
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot of memory and processing time. Version 1.5.6 fixes this vulnerability by limiting the maximum token length.