12 matches found
SUSE-SU-2023:0300-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2022-4254: Fixed a bug in libssscertmap which could allow an attacker to gain control of the admin account and perform a full domain takeover. bsc1207474...
SUSE-SU-2023:0204-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2022-4254: Fixed a bug in libssscertmap which could allow an attacker to gain control of the admin account and perform a full domain takeover. bsc1207474...
SUSE-SU-2022:2763-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommand bsc1189492. - Add 'ldapignoreunreadablereferences' parameter to skip unreadable objects referenced by 'member' attributte bsc1190775 - Fix 32-bi...
SUSE-SU-2021:2941-1 Security update for sssd
This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands bsc1189492. - Add LDAPS support for the AD provider bsc1183735. - Improve logs to record the reason why internal watchdog terminates a process...
Security update for sssd (important)
openSUSE Security Update: Security update for sssd Announcement ID: openSUSE-SU-2021:2941-1 Rating: important References: 1183735 1187120 1189492 Cross-References: CVE-2021-3621 CVSS scores: CVE-2021-3621 SUSE: 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3...
SUSE-SU-2019:1477-1 Security update for sssd
This update for sssd fixes the following issues: Security issue fixed: - CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation bsc1124194. Non-security issue fixed: - Create directory to download and cache GPOs bsc1132879...
Security update for sssd (moderate)
openSUSE Security Update: Security update for sssd Announcement ID: openSUSE-SU-2019:0344-1 Rating: moderate References: 1004220 1087320 1120852 1121759 1125277 Cross-References: CVE-2019-3811 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has four fixes is now...
SUSE-SU-2019:0552-1 Security update for sssd
This update for sssd fixes the following issues: Security vulnerability fixed: - CVE-2019-3811: Fix fallbackhomedir returning '/' for empty home directories bsc1121759 Other bug fixes and changes: - Skip sdapsavegrpmem if ignoregroupmembers is set. bsc1082568 - Only search for primary group if it...
[SECURITY] [DLA 1635-1] sssd security update
Package : sssd Version : 1.11.7-3+deb8u2 CVE ID : CVE-2019-3811 Debian Bug : 919051 A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return / the root directory instead of the empty string / no home directory. This could impact services that...
SUSE-SU-2019:0081-1 Security update for sssd
This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377 These non-security issues were fixed: - Fix a segmentation fault in ssscac...
openSUSE Security Update : sssd (openSUSE-2016-1238)
This update for sssd fixes one security issue and three bugs. The following vulnerability was fixed : - CVE-2014-0249: Incorrect expansion of group membership when encountering a non-POSIX group. bsc880245 The following non-security fixes were also included : - Prevent crashes of statically linke...
MGASA-2013-0158 Updated sssd packages fix security vulnerability
A TOCTOU time-of-check time-of-use race condition was found in the way SSSD, System Security Services Daemon, performed copying and removal of user directory trees.A local attacker, with permissions to write into directory of the victim, being actively / currently copied / removed via the sssd...