Описание
Security update for sssd
This update for sssd fixes the following issues:
Security issue fixed:
- CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation (bsc#1124194).
Non-security issue fixed:
- Create directory to download and cache GPOs (bsc#1132879)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.3
libipa_hbac-devel-1.13.4-21.1
libipa_hbac0-1.13.4-21.1
libsss_idmap-devel-1.13.4-21.1
libsss_idmap0-1.13.4-21.1
libsss_nss_idmap-devel-1.13.4-21.1
libsss_nss_idmap0-1.13.4-21.1
libsss_sudo-1.13.4-21.1
python-ipa_hbac-1.13.4-21.1
python-sss_nss_idmap-1.13.4-21.1
python-sssd-config-1.13.4-21.1
sssd-1.13.4-21.1
sssd-32bit-1.13.4-21.1
sssd-ad-1.13.4-21.1
sssd-ipa-1.13.4-21.1
sssd-krb5-1.13.4-21.1
sssd-krb5-common-1.13.4-21.1
sssd-ldap-1.13.4-21.1
sssd-proxy-1.13.4-21.1
sssd-tools-1.13.4-21.1
Ссылки
- E-Mail link for openSUSE-SU-2019:1576-1
- SUSE Security Ratings
Описание
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
Затронутые продукты
openSUSE Leap 42.3:libipa_hbac-devel-1.13.4-21.1
openSUSE Leap 42.3:libipa_hbac0-1.13.4-21.1
openSUSE Leap 42.3:libsss_idmap-devel-1.13.4-21.1
openSUSE Leap 42.3:libsss_idmap0-1.13.4-21.1
Ссылки
- CVE-2018-16838
- SUSE Bug 1124194