-
sssd (2.4.1-2ubuntu4) impish; urgency=medium
* Fix FTBFS with newer autoconf
- debian/patches/fix_newer_autoconf.patch: do not unset PYTHON_PREFIX
and PYTHON_EXEC_PREFIX in src/external/python.m4.
-- Marc Deslauriers <email address hidden> Wed, 08 Sep 2021 11:39:53 -0400
-
sssd (2.4.1-2ubuntu3) impish; urgency=medium
* SECURITY UPDATE: shell command injection in sssctl comment
- debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
avoid execution of user supplied command in
src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
- CVE-2021-3621
-- Marc Deslauriers <email address hidden> Wed, 18 Aug 2021 08:13:38 -0400
-
sssd (2.4.1-2ubuntu2) impish; urgency=medium
* No-change rebuild due to OpenLDAP soname bump.
-- Sergio Durigan Junior <email address hidden> Mon, 21 Jun 2021 18:09:16 -0400
-
sssd (2.4.1-2ubuntu1) impish; urgency=medium
* Merge with Debian unstable. Remaining changes:
- d/apparmor-profile: Update profile. (LP #1910611)
+ Extend read permissions to /etc/sssd/** and /etc/gss/**.
+ Add read/execute permission to /usr/libexec/sssd/*.
- Disable lto, not ready upstream.
- d/control: Drop libgdm-dev Build-Depend on i386.
* Dropped changes:
- d/p/condition-path-exists-sssd-conf.patch: Only start
sssd.service if there is a configuration file present.
(LP: #1900642)
[ Included in 2.4.1-2 ]
- d/p/0003-Only-start-sssd.service-if-there-s-a-configuration-f.patch:
Upstream patch to make sssd.service only able to start when there
is a configuration file present. (LP #1900642)
- d/p/condition-path-exists-sssd-conf.patch: Remove.
[ Included in 2.4.1-2 ]
- Avoid sending malformed SYSLOG_IDENTIFIER to journald (LP #1908065):
+ d/p/lp-1908065-01-syslog_identifier-format.patch:
Upstream patch to include "sssd[]" identifier in program names.
+ d/p/lp-1908065-02-remove-syslog_identifier.patch:
Upstream patch to remove custom SYSLOG_IDENTIFIER from Journald.
[ Included in 2.4.1-2 ]
* Added changes:
- d/p/fix-python-tests.patch: Fix Python tests by making them
assert Python module paths by using full pathnames.
- d/p/disable-fail_over-tests.patch: Disable fail_over-tests,
which is failing when running inside sbuild.
-- Sergio Durigan Junior <email address hidden> Tue, 18 May 2021 17:29:58 -0400
-
sssd (2.4.0-1ubuntu7) impish; urgency=medium
* d/control: Drop libgdm-dev Build-Depend on i386.
-- Sergio Durigan Junior <email address hidden> Tue, 11 May 2021 16:22:31 -0400
-
sssd (2.4.0-1ubuntu6) hirsute; urgency=medium
* Disable lto, not ready upstream.
-- Matthias Klose <email address hidden> Tue, 23 Mar 2021 13:18:53 +0100