Publishing details
Changelog
sssd (1.16.1-1ubuntu1.8) bionic-security; urgency=medium
* SECURITY UPDATE: sudo rules read issue
- debian/patches/CVE-2018-10852.patch: create the socket with stricter
permissions in src/responder/sudo/sudosrv.c,
src/sysv/systemd/sssd-sudo.socket.in.
- CVE-2018-10852
* SECURITY UPDATE: permissions issue in GPO implementation
- debian/patches/CVE-2018-16838.patch: add option
ad_gpo_ignore_unreadable in src/config/cfg_rules.ini,
src/man/sssd-ad.5.xml, src/providers/ad/ad_common.h,
src/providers/ad/ad_gpo.c, src/providers/ad/ad_opts.c.
- CVE-2018-16838
* SECURITY UPDATE: sssd returns / for emtpy home directories
- debian/patches/CVE-2019-3811.patch: return empty string in
src/confdb/confdb.c, src/man/include/ad_modified_defaults.xml,
src/responder/nss/nss_protocol_pwent.c,
src/tests/intg/test_files_provider.py.
- CVE-2019-3811
* SECURITY UPDATE: shell command injection in sssctl comment
- debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
avoid execution of user supplied command in
src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
- CVE-2021-3621
-- Marc Deslauriers <email address hidden> Wed, 18 Aug 2021 08:31:06 -0400
Builds
Built packages
-
libipa-hbac-dev
FreeIPA HBAC Evaluator library -- development files
-
libipa-hbac0
FreeIPA HBAC Evaluator library
-
libipa-hbac0-dbgsym
debug symbols for libipa-hbac0
-
libnss-sss
Nss library for the System Security Services Daemon
-
libnss-sss-dbgsym
debug symbols for libnss-sss
-
libpam-sss
Pam module for the System Security Services Daemon
-
libpam-sss-dbgsym
debug symbols for libpam-sss
-
libsss-certmap-dev
Certificate mapping library for SSSD -- development files
-
libsss-certmap0
Certificate mapping library for SSSD
-
libsss-certmap0-dbgsym
debug symbols for libsss-certmap0
-
libsss-idmap-dev
ID mapping library for SSSD -- development files
-
libsss-idmap0
ID mapping library for SSSD
-
libsss-idmap0-dbgsym
debug symbols for libsss-idmap0
-
libsss-nss-idmap-dev
SID based lookups library for SSSD -- development files
-
libsss-nss-idmap0
SID based lookups library for SSSD
-
libsss-nss-idmap0-dbgsym
debug symbols for libsss-nss-idmap0
-
libsss-simpleifp-dev
SSSD D-Bus responder helper library -- development files
-
libsss-simpleifp0
SSSD D-Bus responder helper library
-
libsss-simpleifp0-dbgsym
debug symbols for libsss-simpleifp0
-
libsss-sudo
Communicator library for sudo
-
libsss-sudo-dbgsym
debug symbols for libsss-sudo
-
libwbclient-sssd
SSSD libwbclient implementation
-
libwbclient-sssd-dbgsym
debug symbols for libwbclient-sssd
-
libwbclient-sssd-dev
SSSD libwbclient implementation -- development files
-
python-libipa-hbac
Python bindings for the FreeIPA HBAC Evaluator library
-
python-libipa-hbac-dbgsym
debug symbols for python-libipa-hbac
-
python-libsss-nss-idmap
Python bindings for the SID lookups library
-
python-libsss-nss-idmap-dbgsym
debug symbols for python-libsss-nss-idmap
-
python-sss
Python module for the System Security Services Daemon
-
python-sss-dbgsym
debug symbols for python-sss
-
python3-libipa-hbac
Python3 bindings for the FreeIPA HBAC Evaluator library
-
python3-libipa-hbac-dbgsym
debug symbols for python3-libipa-hbac
-
python3-libsss-nss-idmap
Python3 bindings for the SID lookups library
-
python3-libsss-nss-idmap-dbgsym
debug symbols for python3-libsss-nss-idmap
-
python3-sss
Python3 module for the System Security Services Daemon
-
python3-sss-dbgsym
debug symbols for python3-sss
-
sssd
System Security Services Daemon -- metapackage
-
sssd-ad
System Security Services Daemon -- Active Directory back end
-
sssd-ad-common
System Security Services Daemon -- PAC responder
-
sssd-ad-common-dbgsym
debug symbols for sssd-ad-common
-
sssd-ad-dbgsym
debug symbols for sssd-ad
-
sssd-common
System Security Services Daemon -- common files
-
sssd-common-dbgsym
debug symbols for sssd-common
-
sssd-dbus
System Security Services Daemon -- D-Bus responder
-
sssd-dbus-dbgsym
debug symbols for sssd-dbus
-
sssd-ipa
System Security Services Daemon -- IPA back end
-
sssd-ipa-dbgsym
debug symbols for sssd-ipa
-
sssd-kcm
System Security Services Daemon -- Kerberos KCM server implementation
-
sssd-kcm-dbgsym
debug symbols for sssd-kcm
-
sssd-krb5
System Security Services Daemon -- Kerberos back end
-
sssd-krb5-common
System Security Services Daemon -- Kerberos helpers
-
sssd-krb5-common-dbgsym
debug symbols for sssd-krb5-common
-
sssd-krb5-dbgsym
debug symbols for sssd-krb5
-
sssd-ldap
System Security Services Daemon -- LDAP back end
-
sssd-ldap-dbgsym
debug symbols for sssd-ldap
-
sssd-proxy
System Security Services Daemon -- proxy back end
-
sssd-proxy-dbgsym
debug symbols for sssd-proxy
-
sssd-tools
System Security Services Daemon -- tools
-
sssd-tools-dbgsym
debug symbols for sssd-tools
Package files