Описание
Security update for sssd
This update for sssd fixes the following issues:
- CVE-2023-3758: Fixed race condition during authorization that lead to GPO policies functioning inconsistently (bsc#1223100)
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
libipa_hbac-devel-2.5.2-150400.4.27.1
libipa_hbac0-2.5.2-150400.4.27.1
libsss_certmap-devel-2.5.2-150400.4.27.1
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap-devel-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap-devel-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
libsss_simpleifp-devel-2.5.2-150400.4.27.1
libsss_simpleifp0-2.5.2-150400.4.27.1
python3-sssd-config-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-ad-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-common-32bit-2.5.2-150400.4.27.1
sssd-dbus-2.5.2-150400.4.27.1
sssd-ipa-2.5.2-150400.4.27.1
sssd-kcm-2.5.2-150400.4.27.1
sssd-krb5-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
sssd-proxy-2.5.2-150400.4.27.1
sssd-tools-2.5.2-150400.4.27.1
sssd-winbind-idmap-2.5.2-150400.4.27.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
libipa_hbac-devel-2.5.2-150400.4.27.1
libipa_hbac0-2.5.2-150400.4.27.1
libsss_certmap-devel-2.5.2-150400.4.27.1
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap-devel-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap-devel-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
libsss_simpleifp-devel-2.5.2-150400.4.27.1
libsss_simpleifp0-2.5.2-150400.4.27.1
python3-sssd-config-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-ad-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-common-32bit-2.5.2-150400.4.27.1
sssd-dbus-2.5.2-150400.4.27.1
sssd-ipa-2.5.2-150400.4.27.1
sssd-kcm-2.5.2-150400.4.27.1
sssd-krb5-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
sssd-proxy-2.5.2-150400.4.27.1
sssd-tools-2.5.2-150400.4.27.1
sssd-winbind-idmap-2.5.2-150400.4.27.1
SUSE Linux Enterprise Micro 5.3
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
SUSE Linux Enterprise Micro 5.4
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
SUSE Linux Enterprise Server 15 SP4-LTSS
libipa_hbac-devel-2.5.2-150400.4.27.1
libipa_hbac0-2.5.2-150400.4.27.1
libsss_certmap-devel-2.5.2-150400.4.27.1
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap-devel-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap-devel-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
libsss_simpleifp-devel-2.5.2-150400.4.27.1
libsss_simpleifp0-2.5.2-150400.4.27.1
python3-sssd-config-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-ad-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-common-32bit-2.5.2-150400.4.27.1
sssd-dbus-2.5.2-150400.4.27.1
sssd-ipa-2.5.2-150400.4.27.1
sssd-kcm-2.5.2-150400.4.27.1
sssd-krb5-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
sssd-proxy-2.5.2-150400.4.27.1
sssd-tools-2.5.2-150400.4.27.1
sssd-winbind-idmap-2.5.2-150400.4.27.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
libipa_hbac-devel-2.5.2-150400.4.27.1
libipa_hbac0-2.5.2-150400.4.27.1
libsss_certmap-devel-2.5.2-150400.4.27.1
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap-devel-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap-devel-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
libsss_simpleifp-devel-2.5.2-150400.4.27.1
libsss_simpleifp0-2.5.2-150400.4.27.1
python3-sssd-config-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-ad-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-common-32bit-2.5.2-150400.4.27.1
sssd-dbus-2.5.2-150400.4.27.1
sssd-ipa-2.5.2-150400.4.27.1
sssd-kcm-2.5.2-150400.4.27.1
sssd-krb5-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
sssd-proxy-2.5.2-150400.4.27.1
sssd-tools-2.5.2-150400.4.27.1
sssd-winbind-idmap-2.5.2-150400.4.27.1
SUSE Manager Proxy 4.3
libipa_hbac-devel-2.5.2-150400.4.27.1
libipa_hbac0-2.5.2-150400.4.27.1
libsss_certmap-devel-2.5.2-150400.4.27.1
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap-devel-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap-devel-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
libsss_simpleifp-devel-2.5.2-150400.4.27.1
libsss_simpleifp0-2.5.2-150400.4.27.1
python3-sssd-config-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-ad-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-common-32bit-2.5.2-150400.4.27.1
sssd-dbus-2.5.2-150400.4.27.1
sssd-ipa-2.5.2-150400.4.27.1
sssd-kcm-2.5.2-150400.4.27.1
sssd-krb5-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
sssd-proxy-2.5.2-150400.4.27.1
sssd-tools-2.5.2-150400.4.27.1
sssd-winbind-idmap-2.5.2-150400.4.27.1
SUSE Manager Server 4.3
libipa_hbac-devel-2.5.2-150400.4.27.1
libipa_hbac0-2.5.2-150400.4.27.1
libsss_certmap-devel-2.5.2-150400.4.27.1
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap-devel-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap-devel-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
libsss_simpleifp-devel-2.5.2-150400.4.27.1
libsss_simpleifp0-2.5.2-150400.4.27.1
python3-sssd-config-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-ad-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-common-32bit-2.5.2-150400.4.27.1
sssd-dbus-2.5.2-150400.4.27.1
sssd-ipa-2.5.2-150400.4.27.1
sssd-kcm-2.5.2-150400.4.27.1
sssd-krb5-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
sssd-proxy-2.5.2-150400.4.27.1
sssd-tools-2.5.2-150400.4.27.1
sssd-winbind-idmap-2.5.2-150400.4.27.1
openSUSE Leap Micro 5.3
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
openSUSE Leap Micro 5.4
libsss_certmap0-2.5.2-150400.4.27.1
libsss_idmap0-2.5.2-150400.4.27.1
libsss_nss_idmap0-2.5.2-150400.4.27.1
sssd-2.5.2-150400.4.27.1
sssd-common-2.5.2-150400.4.27.1
sssd-krb5-common-2.5.2-150400.4.27.1
sssd-ldap-2.5.2-150400.4.27.1
Ссылки
- Link for SUSE-SU-2024:1578-1
- E-Mail link for SUSE-SU-2024:1578-1
- SUSE Security Ratings
- SUSE Bug 1223100
- SUSE CVE CVE-2023-3758 page
Описание
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libipa_hbac-devel-2.5.2-150400.4.27.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libipa_hbac0-2.5.2-150400.4.27.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsss_certmap-devel-2.5.2-150400.4.27.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsss_certmap0-2.5.2-150400.4.27.1
Ссылки
- CVE-2023-3758
- SUSE Bug 1223100