Ubuntu
sssd package

Change log for sssd package in Ubuntu

175 of 231 results FirstPreviousLast
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
sssd (2.9.4-1.1ubuntu6) noble; urgency=medium

  * No-change rebuild for c-ares t64.

 -- Matthias Klose <email address hidden>  Tue, 16 Apr 2024 11:55:56 +0200
Superseded in noble-release
Superseded in noble-proposed 
sssd (2.9.4-1.1ubuntu5) noble; urgency=medium

  * Fix build-time tests (LP: #2058576):
    - d/p/fix-format-string-time64.patch: fix format string used for a
      timestamp filter string. Thanks to Sergio Durigan Junior
      <email address hidden> for the troubleshooting session.
    - d/control: faketime is used for tests, and is currently not
      working on armhf with a 64bit time_t (see LP #2059078)

 -- Andreas Hasenack <email address hidden>  Fri, 05 Apr 2024 10:23:52 -0300
Superseded in noble-proposed 
sssd (2.9.4-1.1ubuntu4) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 08:25:06 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
sssd (2.9.4-1.1ubuntu3) noble; urgency=medium

  * No-change rebuild against libcurl4t64

 -- Steve Langasek <email address hidden>  Sat, 16 Mar 2024 07:03:24 +0000
Superseded in noble-proposed 
sssd (2.9.4-1.1ubuntu2) noble; urgency=medium

  * No-change rebuild against libcom-err2

 -- Steve Langasek <email address hidden>  Tue, 12 Mar 2024 20:34:29 +0000
Superseded in noble-proposed 
sssd (2.9.4-1.1ubuntu1) noble; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
    - d/apparmor-profile: Add some entries to apparmor-profile file
      to get rid of the extraneous ALLOWED messages visible in the
      /var/log/syslog. (LP #1999190)

 -- Sergio Durigan Junior <email address hidden>  Fri, 08 Mar 2024 11:22:58 -0500
Superseded in noble-proposed 
sssd (2.9.4-1ubuntu2) noble; urgency=medium

  * No-change rebuild against libssl3t64

 -- Steve Langasek <email address hidden>  Mon, 04 Mar 2024 21:27:15 +0000

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
sssd (2.9.4-1ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2055074). Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
    - d/apparmor-profile: Add some entries to apparmor-profile file
      to get rid of the extraneous ALLOWED messages visible in the
      /var/log/syslog. (LP #1999190)
  * Drop changes:
    - d/t/control: Remove "needs-sudo" restriction from smartcard tests,
      replace with "needs-root".  This is needed because Ubuntu's
      autopkgtest infrastructure doesn't support "needs-sudo".
    - d/t/sssd-smart-card-pam-auth-configs-tester.sh,
      d/t/sssd-softhism2-certificates-tests.sh: Add code to handle
      ${AUTOPKGTEST_NORMAL_USER}.
      [ Incorporated by Debian. ]

 -- Sergio Durigan Junior <email address hidden>  Mon, 26 Feb 2024 14:08:42 -0500

Available diffs

Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
sssd (2.9.2-1ubuntu2) noble; urgency=medium

  * No-change rebuild with Python 3.12 as default

 -- Graham Inggs <email address hidden>  Sun, 21 Jan 2024 07:50:43 +0000
Superseded in noble-proposed 
sssd (2.9.2-1ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2040429). Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
    - d/apparmor-profile: Add some entries to apparmor-profile file
      to get rid of the extraneous ALLOWED messages visible in the
      /var/log/syslog. (LP #1999190)
  * Add changes:
    - d/t/control: Remove "needs-sudo" restriction from smartcard tests,
      replace with "needs-root".  This is needed because Ubuntu's
      autopkgtest infrastructure doesn't support "needs-sudo".
    - d/t/sssd-smart-card-pam-auth-configs-tester.sh,
      d/t/sssd-softhism2-certificates-tests.sh: Add code to handle
      ${AUTOPKGTEST_NORMAL_USER}.

 -- Sergio Durigan Junior <email address hidden>  Wed, 03 Jan 2024 11:20:10 -0500

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
sssd (2.9.1-2ubuntu3) noble; urgency=medium

  * Rebuild against latest libunistring

 -- Jeremy Bícha <email address hidden>  Fri, 27 Oct 2023 11:05:49 -0400

Available diffs

Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
sssd (2.9.1-2ubuntu2) mantic; urgency=medium

  * d/apparmor-profile: Add some entries to apparmor-profile file
    to get rid of the extraneous ALLOWED messages visible in the
    /var/log/syslog. (LP: #1999190)

 -- Michal Maloszewski <email address hidden>  Wed, 04 Oct 2023 16:58:26 +0200

Available diffs

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
sssd (2.9.1-2ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2028722). Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
Superseded in mantic-proposed 
sssd (2.9.1-1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2018112). Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
  * Drop change:
    - d/rules: Fix 'find' syntax to remove '*.egg-info'
      files/directories.
      [ Incorporated by Debian. ]

 -- Sergio Durigan Junior <email address hidden>  Tue, 11 Jul 2023 14:48:14 -0400

Available diffs

Published in focal-updates
Published in focal-security 
sssd (2.2.3-3ubuntu0.12) focal-security; urgency=medium

  * Fix crash with mismatched packages (LP: #2023598)
    - debian/control: add a versioned dependency on libsss-certmap0 to the
      sssd-common package.

 -- Marc Deslauriers <email address hidden>  Thu, 15 Jun 2023 18:16:57 -0400
Superseded in focal-updates
Superseded in focal-security 
sssd (2.2.3-3ubuntu0.11) focal-security; urgency=medium

  * SECURITY UPDATE: libsss_certmap fails to sanitise certificate data used
    in LDAP filters
    - debian/patches/CVE-2022-4254.patch: sanitize LDAP search filter in
      Makefile.am, src/lib/certmap/sss_certmap.c,
      src/lib/certmap/sss_certmap.exports, src/lib/certmap/sss_certmap.h,
      src/responder/pam/pamsrv_p11.c, src/tests/cmocka/test_certmap.c,
      src/util/util.c, src/util/util_ext.c.
    - CVE-2022-4254

 -- Marc Deslauriers <email address hidden>  Tue, 06 Jun 2023 09:22:35 -0400
Superseded in focal-updates
Superseded in focal-security 
sssd (2.2.3-3ubuntu0.10) focal-security; urgency=medium

  * No-change rebuild against samba security update.

 -- Marc Deslauriers <email address hidden>  Fri, 03 Mar 2023 08:21:36 -0500
Obsolete in kinetic-updates
Deleted in kinetic-proposed (Reason: moved to -updates) 
sssd (2.7.3-2ubuntu2.1) kinetic; urgency=medium

  * d/p/fix-client-fd-leak.patch (LP: #1996869):
    - close client socket at thread exit
    - only build lock-free client support if libc has required
      functionality for a proper cleanup
    - use proper mechanisms to init lock_mode only once

 -- Lena Voytek <email address hidden>  Fri, 20 Jan 2023 11:03:59 -0700
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
sssd (2.8.1-1ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993448). Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
  * Drop changes:
    - Revert dh_nss usage; the feature is still being polished.
      + d/control: Don't Build-Depend on dh-sequence-installnss.
      + d/libnss-sss.nss: Remove file.
      + d/libnss-sss.postinst: Revert changes to use dh-nss.
      + d/libnss-sss.postrm: Likewise.
      [ Fixed in Debian. ]
    - d/p/initialize-uid-gid-main-functions.patch: Initialize UID/GID
      variables in "main" functions, preventing inadvertent changes in
      p11_child.log file permissions. (LP #1989356)
      [ Incorporated by upstream. ]
  * Add changes:
    - d/rules: Fix 'find' syntax to remove '*.egg-info'
      files/directories.
      [ Submitted to Debian. ]

 -- Sergio Durigan Junior <email address hidden>  Tue, 03 Jan 2023 16:42:10 -0500
Superseded in lunar-proposed 
sssd (2.7.3-2ubuntu4) lunar; urgency=medium

  * No-change rebuild with Python 3.11 as default

 -- Graham Inggs <email address hidden>  Tue, 27 Dec 2022 03:42:49 +0000

Available diffs

Superseded in lunar-proposed 
sssd (2.7.3-2ubuntu3) lunar; urgency=medium

  * No-change rebuild against libldap-2

 -- Steve Langasek <email address hidden>  Thu, 15 Dec 2022 19:56:34 +0000

Available diffs

Published in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
sssd (2.6.3-1ubuntu3.2) jammy; urgency=medium

  * d/p/initialize-uid-gid-main-functions.patch: Initialize UID/GID
    variables in "main" functions, preventing inadvertent changes in
    p11_child.log file permissions. (LP: #1989356)

 -- Sergio Durigan Junior <email address hidden>  Tue, 04 Oct 2022 19:04:33 -0400
Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
sssd (2.7.3-2ubuntu2) kinetic; urgency=medium

  * d/p/initialize-uid-gid-main-functions.patch: Initialize UID/GID
    variables in "main" functions, preventing inadvertent changes in
    p11_child.log file permissions. (LP: #1989356)

 -- Sergio Durigan Junior <email address hidden>  Tue, 04 Oct 2022 19:00:49 -0400

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
sssd (2.7.3-2ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable (LP: #1987348, #1988615). Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
  * Add changes:
    - Revert dh_nss usage; the feature is still being polished.
      + d/control: Don't Build-Depend on dh-sequence-installnss.
      + d/libnss-sss.nss: Remove file.
      + d/libnss-sss.postinst: Revert changes to use dh-nss.
      + d/libnss-sss.postrm: Likewise.

 -- Sergio Durigan Junior <email address hidden>  Tue, 06 Sep 2022 13:56:06 -0400

Available diffs

Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates) 
sssd (2.6.3-1ubuntu3.1) jammy; urgency=medium

  * d/p/lp1934997-authentication-fails-gpo-non-existent.patch:
    Fix authentication failure when GPO is enabled and
    SecEdit/GptTmpl.inf is missing (LP: #1934997).
  * d/p/lp1979350-GPO-ignore-non-ascii-symbols-in-GPT.INI.patch:
    Ignore non-ASCII characters in GPT.INI.  (LP: #1979350)
  * Fix "sssctl analyze" (LP: #1979453)
    [ Timo Aaltonen ]
    - d/{python3-libipa-hbac.install,python3-sss.install,
      sssd-tools.install,rules}: Fix Python installation directory
      path.
    [ Sergio Durigan Junior ]
    - d/p/lp1979453-fix-shebang-on-sss_analyze.patch: Fix shebang on
      sss_analyze.

 -- Sergio Durigan Junior <email address hidden>  Wed, 22 Jun 2022 12:31:22 -0400
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
sssd (2.7.2-3ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.

Available diffs

Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
sssd (2.2.3-3ubuntu0.9) focal; urgency=medium

  * d/p/lp1934997-authentication-fails-gpo-non-existent.patch:
    Fix authentication failure when GPO is enabled and
    SecEdit/GptTmpl.inf is missing (LP: #1934997).
  * d/p/lp1979350-GPO-ignore-non-ascii-symbols-in-GPT.INI.patch:
    Ignore non-ASCII characters in GPT.INI.  (LP: #1979350)

 -- Sergio Durigan Junior <email address hidden>  Tue, 21 Jun 2022 14:29:52 -0400
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
sssd (2.7.1-2ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable (LP: #1971327, #1934997). Remaining changes:
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
  * Dropped changes:
    - d/rules: Disable lto, not ready upstream.
    [ Incorporated by Debian ]

 -- Sergio Durigan Junior <email address hidden>  Tue, 14 Jun 2022 16:59:20 -0400

Available diffs

Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
sssd (2.6.3-1ubuntu3) jammy; urgency=medium

  * No-change rebuild with new samba 4.15.5

 -- Andreas Hasenack <email address hidden>  Thu, 24 Feb 2022 08:55:08 -0300
Superseded in jammy-proposed 
sssd (2.6.3-1ubuntu2) jammy; urgency=medium

  * No-change rebuild with new libnfsidmap from src:nfs-utils

 -- Andreas Hasenack <email address hidden>  Thu, 17 Feb 2022 10:57:41 -0300

Available diffs

Superseded in jammy-proposed 
sssd (2.6.3-1ubuntu1) jammy; urgency=medium

  * Merge with Debian unstable (LP: #1946904). Remaining changes:
    - d/rules: Disable lto, not ready upstream.
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/control: Don't build sssd-tools on i386, now uninstallable due
      to added python3-{click,systemd} dependencies.
  * Dropped changes, picked by Debian:
    - Remove RANDFILE from the config template. It's no longer necessary and
      breaks with openssl 3.0.

 -- Sergio Durigan Junior <email address hidden>  Mon, 14 Feb 2022 16:21:21 -0500

Available diffs

Superseded in jammy-proposed 
sssd (2.6.1-1ubuntu4) jammy; urgency=medium

  * No-change rebuild with Python 3.10 as default version

 -- Graham Inggs <email address hidden>  Sun, 16 Jan 2022 15:13:06 +0000

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
sssd (2.6.1-1ubuntu3) jammy; urgency=medium

  * Remember how architecture lists in debian/control work.

 -- Steve Langasek <email address hidden>  Fri, 17 Dec 2021 23:12:51 +0000
Superseded in jammy-proposed 
sssd (2.6.1-1ubuntu2) jammy; urgency=medium

  * Don't build sssd-tools on i386, now uninstallable due to added
    python3-{click,systemd} dependencies.

 -- Steve Langasek <email address hidden>  Fri, 17 Dec 2021 21:50:00 +0000

Available diffs

Superseded in jammy-proposed 
sssd (2.6.1-1ubuntu1) jammy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Disable lto, not ready upstream.
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - Remove RANDFILE from the config template. It's no longer necessary and
      breaks with openssl 3.0.
  * Dropped changes, included upstream:
    - d/p/fix-python-tests.patch: Fix Python tests by making them
      assert Python module paths by using full pathnames.
  * Dropped changes, included in Debian:
    - debian/control: Switch to libsemanage-dev from libsemanage1-dev

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
sssd (2.5.2-4ubuntu4) jammy; urgency=medium

  * No-change rebuild against libssl3

 -- Steve Langasek <email address hidden>  Thu, 09 Dec 2021 00:19:23 +0000
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
sssd (2.5.2-4ubuntu3) jammy; urgency=medium

  * Remove RANDFILE from the config template. It's no longer necessary and
    breaks with openssl 3.0.

 -- Rico Tzschichholz <email address hidden>  Tue, 23 Nov 2021 20:19:07 +0100
Superseded in jammy-proposed 
sssd (2.5.2-4ubuntu2) jammy; urgency=medium

  * debian/control: Switch to libsemanage-dev from libsemanage1-dev

 -- Rico Tzschichholz <email address hidden>  Mon, 22 Nov 2021 20:51:36 +0100
Superseded in focal-updates
Superseded in focal-security 
sssd (2.2.3-3ubuntu0.8) focal-security; urgency=medium

  * No-change rebuild against samba security update.

 -- Marc Deslauriers <email address hidden>  Wed, 10 Nov 2021 10:20:51 -0500
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
sssd (2.5.2-4ubuntu1) jammy; urgency=medium

  * Merge with Debian unstable (LP: #1946904). Remaining changes:
    - Disable lto, not ready upstream.
    - d/control: Drop libgdm-dev Build-Depend on i386.
    - d/p/fix-python-tests.patch: Fix Python tests by making them
      assert Python module paths by using full pathnames.
  * Dropped changes:
    - d/apparmor-profile: Update profile. (LP #1910611)
      + Extend read permissions to /etc/sssd/** and /etc/gss/**.
      + Add read/execute permission to /usr/libexec/sssd/*.
      [ Incorporated by Debian.  ]
    - Fix FTBFS with newer autoconf
      + debian/patches/fix_newer_autoconf.patch: do not unset PYTHON_PREFIX
        and PYTHON_EXEC_PREFIX in src/external/python.m4.
      [ Incorporated by Debian. ]
    - SECURITY UPDATE: shell command injection in sssctl comment
      + debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
        avoid execution of user supplied command in
        src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
        src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
      + CVE-2021-3621
      [ Incorporated by Debian. ]
    - d/p/disable-fail_over-tests.patch: Disable fail_over-tests,
      which is failing when running inside sbuild.
      [ Not needed anymore; issue does not reproduce on Jammy. ]

 -- Sergio Durigan Junior <email address hidden>  Wed, 27 Oct 2021 20:16:31 -0400

Available diffs

Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
sssd (2.4.1-2ubuntu4) impish; urgency=medium

  * Fix FTBFS with newer autoconf
    - debian/patches/fix_newer_autoconf.patch: do not unset PYTHON_PREFIX
      and PYTHON_EXEC_PREFIX in src/external/python.m4.

 -- Marc Deslauriers <email address hidden>  Wed, 08 Sep 2021 11:39:53 -0400
Published in bionic-updates
Published in bionic-security 
sssd (1.16.1-1ubuntu1.8) bionic-security; urgency=medium

  * SECURITY UPDATE: sudo rules read issue
    - debian/patches/CVE-2018-10852.patch: create the socket with stricter
      permissions in src/responder/sudo/sudosrv.c,
      src/sysv/systemd/sssd-sudo.socket.in.
    - CVE-2018-10852
  * SECURITY UPDATE: permissions issue in GPO implementation
    - debian/patches/CVE-2018-16838.patch: add option
      ad_gpo_ignore_unreadable in src/config/cfg_rules.ini,
      src/man/sssd-ad.5.xml, src/providers/ad/ad_common.h,
      src/providers/ad/ad_gpo.c, src/providers/ad/ad_opts.c.
    - CVE-2018-16838
  * SECURITY UPDATE: sssd returns / for emtpy home directories
    - debian/patches/CVE-2019-3811.patch: return empty string in
      src/confdb/confdb.c, src/man/include/ad_modified_defaults.xml,
      src/responder/nss/nss_protocol_pwent.c,
      src/tests/intg/test_files_provider.py.
    - CVE-2019-3811
  * SECURITY UPDATE: shell command injection in sssctl comment
    - debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
      avoid execution of user supplied command in
      src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
      src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
    - CVE-2021-3621

 -- Marc Deslauriers <email address hidden>  Wed, 18 Aug 2021 08:31:06 -0400
Superseded in focal-updates
Superseded in focal-security 
sssd (2.2.3-3ubuntu0.7) focal-security; urgency=medium

  * SECURITY UPDATE: shell command injection in sssctl comment
    - debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
      avoid execution of user supplied command in
      src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
      src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
    - CVE-2021-3621

 -- Marc Deslauriers <email address hidden>  Wed, 18 Aug 2021 08:19:23 -0400
Superseded in impish-proposed 
sssd (2.4.1-2ubuntu3) impish; urgency=medium

  * SECURITY UPDATE: shell command injection in sssctl comment
    - debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
      avoid execution of user supplied command in
      src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
      src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
    - CVE-2021-3621

 -- Marc Deslauriers <email address hidden>  Wed, 18 Aug 2021 08:13:38 -0400

Available diffs

Obsolete in hirsute-updates
Obsolete in hirsute-security 
sssd (2.4.0-1ubuntu6.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: shell command injection in sssctl comment
    - debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
      avoid execution of user supplied command in
      src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
      src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
    - CVE-2021-3621

 -- Marc Deslauriers <email address hidden>  Wed, 18 Aug 2021 08:15:26 -0400
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
sssd (2.4.1-2ubuntu2) impish; urgency=medium

  * No-change rebuild due to OpenLDAP soname bump.

 -- Sergio Durigan Junior <email address hidden>  Mon, 21 Jun 2021 18:09:16 -0400

Available diffs

Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
sssd (2.2.3-3ubuntu0.6) focal; urgency=medium

  * debian/patches/fix-gpo-MS-ADTS-compliance.patch:
    - Backport several upstream patches from 2.3.x and 2.4.x in ad_gpo
      namespaces. This makes it compliant with MS ADTS spec, which allows
      gpos to be downloaded on user login. (LP: #1933116)
Superseded in focal-proposed 
sssd (2.2.3-3ubuntu0.5) focal-proposed; urgency=medium

  * SRU: LP: #1931074: Fix tests to also pass with Python 3.8.10.

 -- Matthias Klose <email address hidden>  Mon, 07 Jun 2021 10:01:44 +0200
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
sssd (2.4.1-2ubuntu1) impish; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/apparmor-profile: Update profile. (LP #1910611)
      + Extend read permissions to /etc/sssd/** and /etc/gss/**.
      + Add read/execute permission to /usr/libexec/sssd/*.
    - Disable lto, not ready upstream.
    - d/control: Drop libgdm-dev Build-Depend on i386.
  * Dropped changes:
    - d/p/condition-path-exists-sssd-conf.patch: Only start
      sssd.service if there is a configuration file present.
      (LP: #1900642)
      [ Included in 2.4.1-2 ]
    - d/p/0003-Only-start-sssd.service-if-there-s-a-configuration-f.patch:
      Upstream patch to make sssd.service only able to start when there
      is a configuration file present.  (LP #1900642)
    - d/p/condition-path-exists-sssd-conf.patch: Remove.
      [ Included in 2.4.1-2 ]
    - Avoid sending malformed SYSLOG_IDENTIFIER to journald (LP #1908065):
      + d/p/lp-1908065-01-syslog_identifier-format.patch:
        Upstream patch to include "sssd[]" identifier in program names.
      + d/p/lp-1908065-02-remove-syslog_identifier.patch:
        Upstream patch to remove custom SYSLOG_IDENTIFIER from Journald.
      [ Included in 2.4.1-2 ]
  * Added changes:
    - d/p/fix-python-tests.patch: Fix Python tests by making them
      assert Python module paths by using full pathnames.
    - d/p/disable-fail_over-tests.patch: Disable fail_over-tests,
      which is failing when running inside sbuild.

 -- Sergio Durigan Junior <email address hidden>  Tue, 18 May 2021 17:29:58 -0400

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
sssd (2.4.0-1ubuntu7) impish; urgency=medium

  * d/control: Drop libgdm-dev Build-Depend on i386.

 -- Sergio Durigan Junior <email address hidden>  Tue, 11 May 2021 16:22:31 -0400

Available diffs

Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute) 
sssd (2.4.0-1ubuntu6) hirsute; urgency=medium

  * Disable lto, not ready upstream.

 -- Matthias Klose <email address hidden>  Tue, 23 Mar 2021 13:18:53 +0100

Available diffs

Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
sssd (2.2.3-3ubuntu0.4) focal; urgency=medium

  [ Marco Trevisan ]
  * debian/control:
    - Add missing (test) dependencies as per libcrypto usage (LP: #1905790)
    - Update Maintainer to Ubuntu devs
  * debian/rules: Compile using libcrypto as crypto backend (LP: #1905790)
  * debian/nss-database-pem-exporter: Add to sssd-common and run on postinst.
    When upgrading from previous versions (that were compiled using the NSS
    crypto backend) we need to migrate the trusted CA certificates that the
    user may have added to the SSSD's NSS system database (that defaults to
    /etc/pki/nssdb).
    To do this, and not to introduce a new dependency on libnss3-tools
    (which is not shipped by default, other than making the parsing not
    working in some scenarios) I've added a small C tool that we compile and
    install as part of the sssd-common package which is able to get all the
    trusted CA certificates for a NSS database and export them in PEM
    format.
    The nss-database-pem-exporter is then used in the postinst script where
    we now:
     1. Read the SSSD settings
     2. Convert all the certificates in the configured NSS databases
     3. Store them all, appending them to the (new) default location
        (/etc/sssd/pki/sssd_auth_ca_db.pem)
     4. Disables the configured locations if pointing to NSS dbs (needed or
        we'll leave the configuration with broken values).
    At this point nss-database-pem-exporter is then the only binary in the
    package that still depends on NSS libraries. (LP: #1905790)
  * debian/patches:
    - Get libsofthsm2 from right path for each architecture, this is now used
      for real (wasn't before) to test p11k components with libcrypto and
      p11-kit, also avoids a test build failure on armhf (LP: #1905790)

  [ Valters Jansons ]
  * Avoid sending malformed SYSLOG_IDENTIFIER to journald (LP: #1908065):
    - d/rules: Set --with-syslog=journald in override_dh_auto_configure.
    - d/p/lp-1908065-01-debug_prg_name-format.patch:
      Upstream patch to clean up program names.
    - d/p/lp-1908065-02-syslog_identifier-format.patch:
      Upstream patch to include "sssd[]" identifier in program names.
    - d/p/lp-1908065-03-remove-syslog_identifier.patch:
      Upstream patch to remove custom SYSLOG_IDENTIFIER from Journald.

 -- Marco Trevisan (Treviño) <email address hidden>  Thu, 11 Feb 2021 15:31:14 -0500
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
sssd (2.4.0-1ubuntu5) hirsute; urgency=medium

  * No change rebuild with fixed ownership.

 -- Dimitri John Ledkov <email address hidden>  Tue, 16 Feb 2021 15:22:14 +0000
Obsolete in groovy-updates
Deleted in groovy-proposed (Reason: moved to -updates) 
sssd (2.3.1-3ubuntu4) groovy; urgency=medium

  * Avoid sending malformed SYSLOG_IDENTIFIER to journald (LP: #1908065):
    - d/p/lp-1908065-01-syslog_identifier-format.patch:
      Upstream patch to include "sssd[]" identifier in program names.
    - d/p/lp-1908065-02-remove-syslog_identifier.patch:
      Upstream patch to remove custom SYSLOG_IDENTIFIER from Journald.

 -- Valters Jansons <email address hidden>  Fri, 05 Feb 2021 16:07:05 +0000

Available diffs

Superseded in hirsute-proposed 
sssd (2.4.0-1ubuntu4) hirsute; urgency=medium

  * Avoid sending malformed SYSLOG_IDENTIFIER to journald (LP: #1908065):
    - d/p/lp-1908065-01-syslog_identifier-format.patch:
      Upstream patch to include "sssd[]" identifier in program names.
    - d/p/lp-1908065-02-remove-syslog_identifier.patch:
      Upstream patch to remove custom SYSLOG_IDENTIFIER from Journald.

 -- Valters Jansons <email address hidden>  Fri, 05 Feb 2021 20:51:32 +0000

Available diffs

Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
sssd (2.2.3-3ubuntu0.3) focal; urgency=medium

  * d/apparmor-profile: Update profile. (LP: #1910611)
    - Extend read permissions to /etc/sssd/** and /etc/gss/**.
    - Add read/execute permission to /usr/libexec/sssd/*.

 -- Sergio Durigan Junior <email address hidden>  Mon, 18 Jan 2021 16:30:13 -0500
Superseded in groovy-updates
Deleted in groovy-proposed (Reason: moved to -updates) 
sssd (2.3.1-3ubuntu3) groovy; urgency=medium

  * d/apparmor-profile: Update profile. (LP: #1910611)
    - Extend read permissions to /etc/sssd/conf.d/* and /etc/gss/mech.d/*.
    - Add read/execute permission to /usr/libexec/sssd/*.

 -- Sergio Durigan Junior <email address hidden>  Mon, 18 Jan 2021 16:56:21 -0500

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
sssd (2.4.0-1ubuntu3) hirsute; urgency=medium

  * d/apparmor-profile: Update profile. (LP: #1910611)
    - Extend read permissions to /etc/sssd/conf.d/* and /etc/gss/mech.d/*.
    - Add read/execute permission to /usr/libexec/sssd/*.

 -- Sergio Durigan Junior <email address hidden>  Mon, 18 Jan 2021 16:57:21 -0500

Available diffs

Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates) 
sssd (2.2.3-3ubuntu0.2) focal; urgency=medium

  * d/p/0003-Only-start-sssd.service-if-there-s-a-configuration-f.patch:
    Upstream patch to make sssd.service only able to start when there
    is a configuration file present.  (LP: #1900642)

 -- Sergio Durigan Junior <email address hidden>  Mon, 11 Jan 2021 14:33:54 -0500
Superseded in groovy-updates
Deleted in groovy-proposed (Reason: moved to -updates) 
sssd (2.3.1-3ubuntu2) groovy; urgency=medium

  * d/p/0003-Only-start-sssd.service-if-there-s-a-configuration-f.patch:
    Upstream patch to make sssd.service only able to start when there
    is a configuration file present.  (LP: #1900642)
  * d/p/condition-path-exists-sssd-conf.patch: Remove.

 -- Sergio Durigan Junior <email address hidden>  Mon, 11 Jan 2021 14:30:55 -0500

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
sssd (2.4.0-1ubuntu2) hirsute; urgency=medium

  * d/p/0003-Only-start-sssd.service-if-there-s-a-configuration-f.patch:
    Upstream patch to make sssd.service only able to start when there
    is a configuration file present.  (LP: #1900642)
  * d/p/condition-path-exists-sssd-conf.patch: Remove.

 -- Sergio Durigan Junior <email address hidden>  Tue, 12 Jan 2021 16:17:38 -0500

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
sssd (2.4.0-1ubuntu1) hirsute; urgency=medium

  * d/p/condition-path-exists-sssd-conf.patch: Only start
    sssd.service if there is a configuration file present.
    (LP: #1900642)

 -- Sergio Durigan Junior <email address hidden>  Thu, 10 Dec 2020 14:20:24 -0500
Superseded in groovy-proposed 
sssd (2.3.1-3ubuntu1) groovy; urgency=medium

  * d/p/condition-path-exists-sssd-conf.patch: Only start
    sssd.service if there is a configuration file present.
    (LP: #1900642)

 -- Sergio Durigan Junior <email address hidden>  Thu, 10 Dec 2020 14:54:29 -0500
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
sssd (2.4.0-1) unstable; urgency=medium

  * New upstream release.
  * source: Update diff-ignore.

 -- Timo Aaltonen <email address hidden>  Tue, 08 Dec 2020 22:36:54 +0200
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
sssd (2.3.1-3build1) hirsute; urgency=medium

  * No change rebuild against new python3.9 ABI.

 -- Dimitri John Ledkov <email address hidden>  Tue, 24 Nov 2020 09:58:25 +0000
Superseded in focal-security
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates)
Deleted in focal-security (Reason: Possibly causing a regression, backing off from -security...)
Deleted in focal-updates (Reason: Possibly causing a regression, backing off from -security...)
Deleted in focal-proposed (Reason: moved to -updates) 
sssd (2.2.3-3ubuntu0.1) focal; urgency=medium

  * Enable support for "ad_use_ldaps" for new Active Directory
    requirement ADV190023 (LP: #1868703):
    - d/p/lp-1868703-01-ad-allow-booleans-for-ad_inherit_opts_if_needed.patch
    - d/p/lp-1868703-02-ad-add-ad_use_ldaps.patch
    - d/p/lp-1868703-03-ldap-add-new-option-ldap_sasl_maxssf.patch
    - d/p/lp-1868703-04-ad-set-min-and-max-ssf-for-ldaps.patch

 -- Matthew Ruffell <email address hidden>  Tue, 10 Nov 2020 11:59:08 +1300
Superseded in bionic-security
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
Deleted in bionic-security (Reason: Possibly causing a regression, backing off from -security...)
Deleted in bionic-updates (Reason: Possibly causing a regression, backing off from -security...)
Deleted in bionic-proposed (Reason: moved to -updates) 
sssd (1.16.1-1ubuntu1.7) bionic; urgency=medium

  * Enable support for "ad_use_ldaps" for new Active Directory
    requirement ADV190023 (LP: #1868703):
    - d/p/lp-1868703-01-sdap-inherit-SDAP_SASL_MECH-if-not-set-explicitly.patch
    - d/p/lp-1868703-02-ad-allow-booleans-for-ad_inherit_opts_if_needed.patch
    - d/p/lp-1868703-03-ad-add-ad_use_ldaps.patch
    - d/p/lp-1868703-04-ldap-add-new-option-ldap_sasl_maxssf.patch
    - d/p/lp-1868703-05-ad-set-min-and-max-ssf-for-ldaps.patch

 -- Matthew Ruffell <email address hidden>  Tue, 10 Nov 2020 12:10:04 +1300
Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
sssd (2.3.1-3) unstable; urgency=medium

  * control: Move libsss-sudo to sssd-common Suggests. (LP: #1249777)

 -- Timo Aaltonen <email address hidden>  Tue, 06 Oct 2020 15:56:19 +0300

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
sssd (2.3.1-2) unstable; urgency=medium

  * control: Add sssd-dbus to sssd-tools Recommends. (LP: #1895645)

 -- Timo Aaltonen <email address hidden>  Thu, 17 Sep 2020 14:15:03 +0300

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
sssd (2.3.1-1) unstable; urgency=medium

  * New upstream release. (Closes: #965307, #965143)
  * source: Extend diff-ignore.
  * rules: Set --with-libwbclient.
  * control: Add libsofthsm2 to build-depends for tests.

 -- Timo Aaltonen <email address hidden>  Tue, 28 Jul 2020 17:14:55 +0300
Superseded in bionic-updates
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates) 
sssd (1.16.1-1ubuntu1.6) bionic; urgency=medium

  * d/p/monitor-propagate-error.patch,
    d/p/monitor-resolve-symlinks.patch: correctly monitor the
    /etc/resolv.conf symlink when its target changes from a non-existent
    file to one that exists (LP: #1723350)

 -- Andreas Hasenack <email address hidden>  Mon, 11 May 2020 17:42:04 -0300
Obsolete in eoan-updates
Deleted in eoan-proposed (Reason: moved to -updates) 
sssd (2.2.0-4ubuntu1.1) eoan; urgency=medium

  * d/p/monitor-propagate-error.patch,
    d/p/monitor-resolve-symlinks.patch: correctly monitor the
    /etc/resolv.conf symlink when its target changes from a non-existent
    file to one that exists (LP: #1723350)

 -- Andreas Hasenack <email address hidden>  Tue, 12 May 2020 16:58:37 -0300
Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
sssd (2.2.3-3ubuntu1) groovy; urgency=medium

  * Fix build with samba 4.12.x:
    - d/p/refresh-ndr-methods.patch
    - d/p/use-ndr_token_peek.patch
    - d/p/use-ndr_pull_steal_switch_value.patch

 -- Andreas Hasenack <email address hidden>  Wed, 13 May 2020 14:06:29 +0000
Superseded in groovy-proposed 
sssd (2.2.3-3build1) groovy; urgency=medium

  * Rebuild with new ldb

 -- Andreas Hasenack <email address hidden>  Wed, 13 May 2020 09:50:11 -0300
Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
sssd (2.2.3-3) unstable; urgency=medium

  * libnss-sss: Fix a typo in adding the NSS entry for automount.
    (LP: #1873752)
  * control, watch: Update upstream url to github.

 -- Timo Aaltonen <email address hidden>  Mon, 20 Apr 2020 17:52:18 +0300

Available diffs

175 of 231 results FirstPreviousLast