Описание
Recommended update for adcli, sssd
This update for adcli and sssd provides the following improvement:
Security vulnerability fixed:
- CVE-2019-3811: Fix fallback_homedir returning '/' for empty home directories (bsc#1121759)
Other fixes:
- Add an option to disable checking for trusted domains in the subdomains provider (bsc#1125617)
- Clear pid file in corner cases (bsc#1127670)
- Fix child unable to write to log file after SIGHUP (bsc#1127670)
- Include adcli in SUSE Linux Enterprise 12 SP3 for sssd-ad. (fate#326619, bsc#1109849)
The adcli enables sssd to do password renewal when using Active Directory.
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
adcli-0.8.2-1.3.1
libipa_hbac0-1.13.4-34.31.1
libsss_idmap0-1.13.4-34.31.1
libsss_nss_idmap0-1.13.4-34.31.1
libsss_sudo-1.13.4-34.31.1
python-sssd-config-1.13.4-34.31.1
sssd-1.13.4-34.31.1
sssd-32bit-1.13.4-34.31.1
sssd-ad-1.13.4-34.31.1
sssd-ipa-1.13.4-34.31.1
sssd-krb5-1.13.4-34.31.1
sssd-krb5-common-1.13.4-34.31.1
sssd-ldap-1.13.4-34.31.1
sssd-proxy-1.13.4-34.31.1
sssd-tools-1.13.4-34.31.1
SUSE Linux Enterprise Server 12 SP3
adcli-0.8.2-1.3.1
libipa_hbac0-1.13.4-34.31.1
libsss_idmap0-1.13.4-34.31.1
libsss_nss_idmap0-1.13.4-34.31.1
libsss_sudo-1.13.4-34.31.1
python-sssd-config-1.13.4-34.31.1
sssd-1.13.4-34.31.1
sssd-32bit-1.13.4-34.31.1
sssd-ad-1.13.4-34.31.1
sssd-ipa-1.13.4-34.31.1
sssd-krb5-1.13.4-34.31.1
sssd-krb5-common-1.13.4-34.31.1
sssd-ldap-1.13.4-34.31.1
sssd-proxy-1.13.4-34.31.1
sssd-tools-1.13.4-34.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
adcli-0.8.2-1.3.1
libipa_hbac0-1.13.4-34.31.1
libsss_idmap0-1.13.4-34.31.1
libsss_nss_idmap0-1.13.4-34.31.1
libsss_sudo-1.13.4-34.31.1
python-sssd-config-1.13.4-34.31.1
sssd-1.13.4-34.31.1
sssd-32bit-1.13.4-34.31.1
sssd-ad-1.13.4-34.31.1
sssd-ipa-1.13.4-34.31.1
sssd-krb5-1.13.4-34.31.1
sssd-krb5-common-1.13.4-34.31.1
sssd-ldap-1.13.4-34.31.1
sssd-proxy-1.13.4-34.31.1
sssd-tools-1.13.4-34.31.1
SUSE Linux Enterprise Software Development Kit 12 SP3
libipa_hbac-devel-1.13.4-34.31.1
libsss_idmap-devel-1.13.4-34.31.1
libsss_nss_idmap-devel-1.13.4-34.31.1
Ссылки
- Link for SUSE-SU-2019:0805-1
- E-Mail link for SUSE-SU-2019:0805-1
- SUSE Security Ratings
- SUSE Bug 1109849
- SUSE Bug 1110121
- SUSE Bug 1121759
- SUSE Bug 1125617
- SUSE Bug 1127670
- SUSE CVE CVE-2019-3811 page
Описание
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:adcli-0.8.2-1.3.1
SUSE Linux Enterprise Desktop 12 SP3:libipa_hbac0-1.13.4-34.31.1
SUSE Linux Enterprise Desktop 12 SP3:libsss_idmap0-1.13.4-34.31.1
SUSE Linux Enterprise Desktop 12 SP3:libsss_nss_idmap0-1.13.4-34.31.1
Ссылки
- CVE-2019-3811
- SUSE Bug 1121759