Headline
Red Hat Security Advisory 2023-0403-01
Red Hat Security Advisory 2023-0403-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: sssd security and bug fix update
Advisory ID: RHSA-2023:0403-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0403
Issue date: 2023-01-24
CVE Names: CVE-2022-4254
====================================================================
- Summary:
An update for sssd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The System Security Services Daemon (SSSD) service provides a set of
daemons to manage access to remote directories and authentication
mechanisms. It also provides the Name Service Switch (NSS) and the
Pluggable Authentication Modules (PAM) interfaces toward the system, and a
pluggable back-end system to connect to multiple different account sources.
Security Fix(es):
- sssd: libsss_certmap fails to sanitise certificate data used in LDAP
filters (CVE-2022-4254)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
- smartcards: special characters must be escaped when building search
filter (BZ#2149703)
- Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2149894 - CVE-2022-4254 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
sssd-1.16.5-10.el7_9.15.src.rpm
noarch:
python-sssdconfig-1.16.5-10.el7_9.15.noarch.rpm
x86_64:
libipa_hbac-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
libsss_autofs-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.x86_64.rpm
libsss_sudo-1.16.5-10.el7_9.15.x86_64.rpm
python-libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-murmur-1.16.5-10.el7_9.15.x86_64.rpm
sssd-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ad-1.16.5-10.el7_9.15.x86_64.rpm
sssd-client-1.16.5-10.el7_9.15.i686.rpm
sssd-client-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-pac-1.16.5-10.el7_9.15.x86_64.rpm
sssd-dbus-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ipa-1.16.5-10.el7_9.15.x86_64.rpm
sssd-kcm-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ldap-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-1.16.5-10.el7_9.15.x86_64.rpm
sssd-polkit-rules-1.16.5-10.el7_9.15.x86_64.rpm
sssd-proxy-1.16.5-10.el7_9.15.x86_64.rpm
sssd-tools-1.16.5-10.el7_9.15.x86_64.rpm
sssd-winbind-idmap-1.16.5-10.el7_9.15.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
libipa_hbac-devel-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.x86_64.rpm
python-libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.i686.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
sssd-1.16.5-10.el7_9.15.src.rpm
noarch:
python-sssdconfig-1.16.5-10.el7_9.15.noarch.rpm
x86_64:
libipa_hbac-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
libsss_autofs-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.x86_64.rpm
libsss_sudo-1.16.5-10.el7_9.15.x86_64.rpm
python-libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-murmur-1.16.5-10.el7_9.15.x86_64.rpm
sssd-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ad-1.16.5-10.el7_9.15.x86_64.rpm
sssd-client-1.16.5-10.el7_9.15.i686.rpm
sssd-client-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-pac-1.16.5-10.el7_9.15.x86_64.rpm
sssd-dbus-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ipa-1.16.5-10.el7_9.15.x86_64.rpm
sssd-kcm-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ldap-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-1.16.5-10.el7_9.15.x86_64.rpm
sssd-polkit-rules-1.16.5-10.el7_9.15.x86_64.rpm
sssd-proxy-1.16.5-10.el7_9.15.x86_64.rpm
sssd-tools-1.16.5-10.el7_9.15.x86_64.rpm
sssd-winbind-idmap-1.16.5-10.el7_9.15.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64:
libipa_hbac-devel-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.x86_64.rpm
python-libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.i686.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
sssd-1.16.5-10.el7_9.15.src.rpm
noarch:
python-sssdconfig-1.16.5-10.el7_9.15.noarch.rpm
ppc64:
libipa_hbac-1.16.5-10.el7_9.15.ppc.rpm
libipa_hbac-1.16.5-10.el7_9.15.ppc64.rpm
libsss_autofs-1.16.5-10.el7_9.15.ppc64.rpm
libsss_certmap-1.16.5-10.el7_9.15.ppc.rpm
libsss_certmap-1.16.5-10.el7_9.15.ppc64.rpm
libsss_idmap-1.16.5-10.el7_9.15.ppc.rpm
libsss_idmap-1.16.5-10.el7_9.15.ppc64.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.ppc.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.ppc64.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.ppc.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.ppc64.rpm
libsss_sudo-1.16.5-10.el7_9.15.ppc64.rpm
python-libipa_hbac-1.16.5-10.el7_9.15.ppc64.rpm
python-sss-1.16.5-10.el7_9.15.ppc64.rpm
python-sss-murmur-1.16.5-10.el7_9.15.ppc64.rpm
sssd-1.16.5-10.el7_9.15.ppc64.rpm
sssd-ad-1.16.5-10.el7_9.15.ppc64.rpm
sssd-client-1.16.5-10.el7_9.15.ppc.rpm
sssd-client-1.16.5-10.el7_9.15.ppc64.rpm
sssd-common-1.16.5-10.el7_9.15.ppc64.rpm
sssd-common-pac-1.16.5-10.el7_9.15.ppc64.rpm
sssd-dbus-1.16.5-10.el7_9.15.ppc64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.ppc.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.ppc64.rpm
sssd-ipa-1.16.5-10.el7_9.15.ppc64.rpm
sssd-kcm-1.16.5-10.el7_9.15.ppc64.rpm
sssd-krb5-1.16.5-10.el7_9.15.ppc64.rpm
sssd-krb5-common-1.16.5-10.el7_9.15.ppc64.rpm
sssd-ldap-1.16.5-10.el7_9.15.ppc64.rpm
sssd-libwbclient-1.16.5-10.el7_9.15.ppc64.rpm
sssd-polkit-rules-1.16.5-10.el7_9.15.ppc64.rpm
sssd-proxy-1.16.5-10.el7_9.15.ppc64.rpm
sssd-tools-1.16.5-10.el7_9.15.ppc64.rpm
sssd-winbind-idmap-1.16.5-10.el7_9.15.ppc64.rpm
ppc64le:
libipa_hbac-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_autofs-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_certmap-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_idmap-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_sudo-1.16.5-10.el7_9.15.ppc64le.rpm
python-libipa_hbac-1.16.5-10.el7_9.15.ppc64le.rpm
python-sss-1.16.5-10.el7_9.15.ppc64le.rpm
python-sss-murmur-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-ad-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-client-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-common-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-common-pac-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-dbus-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-ipa-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-kcm-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-krb5-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-krb5-common-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-ldap-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-libwbclient-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-polkit-rules-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-proxy-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-tools-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-winbind-idmap-1.16.5-10.el7_9.15.ppc64le.rpm
s390x:
libipa_hbac-1.16.5-10.el7_9.15.s390.rpm
libipa_hbac-1.16.5-10.el7_9.15.s390x.rpm
libsss_autofs-1.16.5-10.el7_9.15.s390x.rpm
libsss_certmap-1.16.5-10.el7_9.15.s390.rpm
libsss_certmap-1.16.5-10.el7_9.15.s390x.rpm
libsss_idmap-1.16.5-10.el7_9.15.s390.rpm
libsss_idmap-1.16.5-10.el7_9.15.s390x.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.s390.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.s390x.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.s390.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.s390x.rpm
libsss_sudo-1.16.5-10.el7_9.15.s390x.rpm
python-libipa_hbac-1.16.5-10.el7_9.15.s390x.rpm
python-sss-1.16.5-10.el7_9.15.s390x.rpm
python-sss-murmur-1.16.5-10.el7_9.15.s390x.rpm
sssd-1.16.5-10.el7_9.15.s390x.rpm
sssd-ad-1.16.5-10.el7_9.15.s390x.rpm
sssd-client-1.16.5-10.el7_9.15.s390.rpm
sssd-client-1.16.5-10.el7_9.15.s390x.rpm
sssd-common-1.16.5-10.el7_9.15.s390x.rpm
sssd-common-pac-1.16.5-10.el7_9.15.s390x.rpm
sssd-dbus-1.16.5-10.el7_9.15.s390x.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.s390.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.s390x.rpm
sssd-ipa-1.16.5-10.el7_9.15.s390x.rpm
sssd-kcm-1.16.5-10.el7_9.15.s390x.rpm
sssd-krb5-1.16.5-10.el7_9.15.s390x.rpm
sssd-krb5-common-1.16.5-10.el7_9.15.s390x.rpm
sssd-ldap-1.16.5-10.el7_9.15.s390x.rpm
sssd-libwbclient-1.16.5-10.el7_9.15.s390x.rpm
sssd-polkit-rules-1.16.5-10.el7_9.15.s390x.rpm
sssd-proxy-1.16.5-10.el7_9.15.s390x.rpm
sssd-tools-1.16.5-10.el7_9.15.s390x.rpm
sssd-winbind-idmap-1.16.5-10.el7_9.15.s390x.rpm
x86_64:
libipa_hbac-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
libsss_autofs-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.x86_64.rpm
libsss_sudo-1.16.5-10.el7_9.15.x86_64.rpm
python-libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
python-libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-murmur-1.16.5-10.el7_9.15.x86_64.rpm
sssd-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ad-1.16.5-10.el7_9.15.x86_64.rpm
sssd-client-1.16.5-10.el7_9.15.i686.rpm
sssd-client-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-pac-1.16.5-10.el7_9.15.x86_64.rpm
sssd-dbus-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ipa-1.16.5-10.el7_9.15.x86_64.rpm
sssd-kcm-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ldap-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-1.16.5-10.el7_9.15.x86_64.rpm
sssd-polkit-rules-1.16.5-10.el7_9.15.x86_64.rpm
sssd-proxy-1.16.5-10.el7_9.15.x86_64.rpm
sssd-tools-1.16.5-10.el7_9.15.x86_64.rpm
sssd-winbind-idmap-1.16.5-10.el7_9.15.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64:
libipa_hbac-devel-1.16.5-10.el7_9.15.ppc.rpm
libipa_hbac-devel-1.16.5-10.el7_9.15.ppc64.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.ppc.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.ppc64.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.ppc.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.ppc64.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.ppc.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.ppc64.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.ppc.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.ppc64.rpm
python-libsss_nss_idmap-1.16.5-10.el7_9.15.ppc64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.ppc.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.ppc64.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.ppc.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.ppc64.rpm
ppc64le:
libipa_hbac-devel-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.ppc64le.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.ppc64le.rpm
python-libsss_nss_idmap-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.ppc64le.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.ppc64le.rpm
s390x:
libipa_hbac-devel-1.16.5-10.el7_9.15.s390.rpm
libipa_hbac-devel-1.16.5-10.el7_9.15.s390x.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.s390.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.s390x.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.s390.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.s390x.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.s390.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.s390x.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.s390.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.s390x.rpm
python-libsss_nss_idmap-1.16.5-10.el7_9.15.s390x.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.s390.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.s390x.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.s390.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.s390x.rpm
x86_64:
libipa_hbac-devel-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.i686.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
sssd-1.16.5-10.el7_9.15.src.rpm
noarch:
python-sssdconfig-1.16.5-10.el7_9.15.noarch.rpm
x86_64:
libipa_hbac-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
libsss_autofs-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-1.16.5-10.el7_9.15.x86_64.rpm
libsss_sudo-1.16.5-10.el7_9.15.x86_64.rpm
python-libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm
python-libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-1.16.5-10.el7_9.15.x86_64.rpm
python-sss-murmur-1.16.5-10.el7_9.15.x86_64.rpm
sssd-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ad-1.16.5-10.el7_9.15.x86_64.rpm
sssd-client-1.16.5-10.el7_9.15.i686.rpm
sssd-client-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-common-pac-1.16.5-10.el7_9.15.x86_64.rpm
sssd-dbus-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ipa-1.16.5-10.el7_9.15.x86_64.rpm
sssd-kcm-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-1.16.5-10.el7_9.15.x86_64.rpm
sssd-krb5-common-1.16.5-10.el7_9.15.x86_64.rpm
sssd-ldap-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-1.16.5-10.el7_9.15.x86_64.rpm
sssd-polkit-rules-1.16.5-10.el7_9.15.x86_64.rpm
sssd-proxy-1.16.5-10.el7_9.15.x86_64.rpm
sssd-tools-1.16.5-10.el7_9.15.x86_64.rpm
sssd-winbind-idmap-1.16.5-10.el7_9.15.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64:
libipa_hbac-devel-1.16.5-10.el7_9.15.i686.rpm
libipa_hbac-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_certmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_nss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.i686.rpm
libsss_simpleifp-devel-1.16.5-10.el7_9.15.x86_64.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.i686.rpm
sssd-debuginfo-1.16.5-10.el7_9.15.x86_64.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.i686.rpm
sssd-libwbclient-devel-1.16.5-10.el7_9.15.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-4254
https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBY9AIrdzjgjWX9erEAQgcYBAAjIZWijeUSNstKmOukNrDs+C6DJP7qKsL
+OarjWijrwCbIszTYRbw5iYLzF6oyYHZaN01JTvwNENJhENLAYwogNOcpYrPBmtB
CwxILDXnmklnzHgGMRL5lUwhPpWyusopdxYdrpP32/nHi8MxpLAGewr5uXEq3qWP
rEyvoR8YQK9VjUOa4oMRVLyCgjjbzVl6HtMOuCdFoNB4aLLE9V2s3VBPqE017/El
x4/kl60izxzJyTEZmYjOjxqiC8U5lRS5GoRXb5IUBIv+xgTTYP9KAfISfAGuo3ea
DtmGNq+GTIZG1olS2hlePMwloM2lktQej2UA7hRv9czsX6v9V0LCYfdH3V3fVsTP
bPjnnhm2mWuDM5XuNyyxUA+Zn6WdlgBkKLAud9f8LD0ujCIYBiH0JpswVqtlxiSZ
Vp0DNyMQgUPAhJZzbX6tqLonhJD7d6nzKfFi3UXGRBTkNXkHVXjEt8rvg37ZTRRL
VW6a0eRlrbxunZprhBZnfTu6ZD8QWsZZbjtRNkD/FU/+cAdMO6H6485K61InLw6l
nfHvFLhcvQPoaSxS16Gv7RtLBdKg0aVumoH0kct9bF+QjkQnU5Vj+5q0Mf3kDzhE
PvZIkJ2pb8b6GhM2VXANZAfrX+t9ta2HorogPTlhCNYnb16zrYqB67zVxmmGwP51
qRsN6jz72ncÜa/
-----END PGP SIGNATURE-----
–
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Related news
Ubuntu Security Notice 6156-1 - It was discovered that SSSD incorrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges.
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Red Hat Security Advisory 2023-0442-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
Red Hat Security Advisory 2023-0397-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
An update for sssd is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4254: sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4254: sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
An update for sssd is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4254: sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters