sssd security, bug fix, and enhancement update

2011-07-31T00:00:00
ID ELSA-2011-0975
Type oraclelinux
Reporter Oracle
Modified 2011-07-31T00:00:00

Description

[1.5.1-37] - Reverts: rhbz#680443 - Dynamic DNS update fails if multiple servers are - given in ipa_server config option [1.5.1-36] - Resolves: rhbz#709333 - sssd. should require sssd-client. [1.5.1-35] - Resolves: rhbz#707340 - latest sssd fails if ldap_default_authtok_type is - not mentioned - Resolves: rhbz#707574 - SSSD's async resolver only tries the first - nameserver in /etc/resolv.conf [1.5.1-34] - Resolves: rhbz#701702 - sssd client libraries use select() but should use - poll() instead [1.5.1-33] - Related: rhbz#700858 - Automatic TGT renewal overwrites cached password - Fix segfault in TGT renewal [1.5.1-32] - Resolves: rhbz#700858 - Automatic TGT renewal overwrites cached password [1.5.1-30] - Resolves: rhbz#696979 - Filters not honoured against fully-qualified users [1.5.1-29] - Resolves: rhbz#694149 - SSSD consumes GBs of RAM, possible memory leak [1.5.1-28] - Related: rhbz#691900 - SSSD needs to fall back to 'cn' for GECOS - information [1.5.1-27] - Related: rhbz#694853 - SSSD crashes during getent when anonymous bind is - disabled [1.5.1-26] - Resolves: rhbz#695476 - Unable to resolve SRV record when called with [in ldap_uri] - Related: rhbz#694853 - SSSD crashes during getent when anonymous bind is - disabled [1.5.1-25] - Resolves: rhbz#694853 - SSSD crashes during getent when anonymous bind is - disabled [1.5.1-24] - Resolves: rhbz#692960 - Process /usr/libexec/sssd/sssd_be was killed by - signal 11 (SIGSEGV) - Fix is to not attempt to resolve nameless servers [1.5.1-23] - Resolves: rhbz#691900 - SSSD needs to fall back to 'cn' for GECOS - information [1.5.1-21] - Resolves: rhbz#690867 - Groups with a zero-length memberuid attribute can - cause SSSD to stop caching and responding to - requests [1.5.1-20] - Resolves: rhbz#690287 - Traceback messages seen while interrupting - sss_obfuscate using ctrl+d - Resolves: rhbz#690814 - [abrt] sssd-1.2.1-28.el6_0.4: _talloc_free: Process - /usr/libexec/sssd/sssd_be was killed by signal 11 - (SIGSEGV) [1.5.1-19] - Related: rhbz#690096 - SSSD should skip over groups with multiple names [1.5.1-18] - Resolves: rhbz#690093 - SSSD breaks on RDNs with a comma in them - Resolves: rhbz#690096 - SSSD should skip over groups with multiple names - Resolves: rhbz#689887 - group memberships are not populated correctly during - IPA provider initgroups - Resolves: rhbz#688697 - Skip users and groups that have incomplete contents - Resolves: rhbz#688694 - authconfig fails when access_provider is set as krb5 - in sssd.conf [1.5.1-17] - Resolves: rhbz#688677 - Build SSSD in RHEL 5.7 against openldap24-libs - Adds support for following LDAP referrals and using Mozilla NSS for crypto - support [1.5.1-16] - Resolves: rhbz#683260 - sudo/ldap lookup via sssd gets stuck for 5min - waiting on netgroup - Resolves: rhbz#683585 - sssd consumes 100% CPU - Related: rhbz#680441 - sssd does not handle kerberos server IP change [1.5.1-15] - Related: rhbz#680441 - sssd does not handle kerberos server IP change - SSSD was staying with the old server if it was still online [1.5.1-14] - Resolves: rhbz#682853 - IPA provider should use realm instead of ipa_domain - for base DN [1.5.1-13] - Resolves: rhbz#682803 - sssd-be segmentation fault - ipa-client on - ipa-server - Resolves: rhbz#680441 - sssd does not handle kerberos server IP change - Resolves: rhbz#680443 - Dynamic DNS update fails if multiple servers are - given in ipa_server config option - Resolves: rhbz#680933 - Do not delete sysdb memberOf if there is no memberOf - attribute on the server - Resolves: rhbz#682808 - sssd_nss core dumps with certain lookups [1.5.1-12] - Related: rhbz#679087 - SSSD IPA provider should honor the krb5_realm option - Related: rhbz#678615 - SSSD needs to look at IPA's compat tree for netgroups [1.5.1-11] - Resolves: rhbz#679087 - SSSD IPA provider should honor the krb5_realm option - Resolves: rhbz#679097 - Does not read renewable ccache at startup [1.5.1-10] - Resolves: rhbz#678606 - User information not updated on login for secondary - domains - Resolves: rhbz#678778 - IPA provider does not update removed group - memberships on initgroups [1.5.1-9] - Resolves: rhbz#678780 - sssd crashes at the next tgt renewals it tries - Resolves: rhbz#678412 - name service caches names, so id command shows - recently deleted users - Resolves: rhbz#678615 - SSSD needs to look at IPA's compat tree for - netgroups [1.5.1-8] - Related: rhbz#665314 - Rebase SSSD to 1.5 in RHEL 5.7 - Fix generation of translated manpages [1.5.1-7] - Resolves: rhbz#665314 - Rebase SSSD to 1.5 in RHEL 5.7 - Resolves: rhbz#676027 - sssd segfault when first entry of ldap_uri is - unreachable - Resolves: rhbz#678032 - Remove HBAC time rules from SSSD - Resolves: rhbz#675007 - sssd corrupts group cache - Resolves: rhbz#608864 - [RFE] Support obfuscated passwords in the SSSD - configuration