
openSUSE-SU-2019:1174-1

Published: 08 Apr. 2019
Source: suse-cvrf

Description

Recommended update for adcli, sssd

This update for adcli and sssd provides the following improvements:

Security vulnerability fixed:

  • CVE-2019-3811: Fix fallback_homedir returning '/' for empty home directories (bsc#1121759)

Other fixes:

  • Add an option to disable checking for trusted domains in the subdomains provider (bsc#1125617)
  • Clear pid file in corner cases (bsc#1127670)
  • Fix child unable to write to log file after SIGHUP (bsc#1127670)
  • Include adcli in SUSE Linux Enterprise 12 SP3 for sssd-ad. (fate#326619, bsc#1109849)

adcli enables sssd to perform password renewal when using Active Directory.

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Package list

openSUSE Leap 42.3
libipa_hbac-devel-1.13.4-15.1
libipa_hbac0-1.13.4-15.1
libsss_idmap-devel-1.13.4-15.1
libsss_idmap0-1.13.4-15.1
libsss_nss_idmap-devel-1.13.4-15.1
libsss_nss_idmap0-1.13.4-15.1
libsss_sudo-1.13.4-15.1
python-ipa_hbac-1.13.4-15.1
python-sss_nss_idmap-1.13.4-15.1
python-sssd-config-1.13.4-15.1
sssd-1.13.4-15.1
sssd-32bit-1.13.4-15.1
sssd-ad-1.13.4-15.1
sssd-ipa-1.13.4-15.1
sssd-krb5-1.13.4-15.1
sssd-krb5-common-1.13.4-15.1
sssd-ldap-1.13.4-15.1
sssd-proxy-1.13.4-15.1
sssd-tools-1.13.4-15.1

Description

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.


Affected products
openSUSE Leap 42.3:libipa_hbac-devel-1.13.4-15.1
openSUSE Leap 42.3:libipa_hbac0-1.13.4-15.1
openSUSE Leap 42.3:libsss_idmap-devel-1.13.4-15.1
openSUSE Leap 42.3:libsss_idmap0-1.13.4-15.1
