ELSA-2019-2177

ULN >
Oracle Linux Errata repository >
ELSA-2019-2177

ELSA-2019-2177 - sssd security, bug fix, and enhancement update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2019-08-13

Description

[1.16.4-21]
- Resolves: rhbz#1714952 - [sssd] RHEL 7.7 Tier 0 Localization
- Rebuild japanese gmo file explicitly

[1.16.4-20]
- Resolves: rhbz#1714952 - [sssd] RHEL 7.7 Tier 0 Localization

[1.16.4-19]
- Resolves: rhbz#1707959 - sssd does not properly check GSS-SPNEGO

[1.16.4-18]
- Resolves: rhbz#1710286 - The server error message is not returned if
password change fails

[1.16.4-17]
- Resolves: rhbz#1711832 - The files provider does not handle resetOffline
properly

[1.16.4-16]
- Resolves: rhbz#1707759 - Error accessing files on samba share randomly

[1.16.4-15]
- Resolves: rhbz#1685581 - Extend cached_auth_timeout to cover subdomains
/trusts

[1.16.4-14]
- Resolves: rhbz#1684979 - The HBAC code requires dereference to be enabled
and fails otherwise

[1.16.4-12]
- Resolves: rhbz#1576524 - RHEL STIG pointing sssd Packaging issue
- This was partially fixed by the rebase, but one
spec file change was missing.

[1.16.4-12]
- Resolves: rhbz#1524566 - FIPS mode breaks using pysss.so (sss_obfuscate)

[1.16.4-11]
- Resolves: rhbz#1350012 - kinit / sssd kerberos fail over
- Resolves: rhbz#720688 - [RFE] return multiple server addresses to the
Kerberos locator plugin

[1.16.4-10]
- Resolves: rhbz#1402056 - [RFE] Make 2FA prompting configurable

[1.16.4-9]
- Resolves: rhbz#1666819 - SSSD can trigger a NSS lookup when parsing the
filter_users/groups lists on startup, this can
block the startup

[1.16.4-8]
- Resolves: rhbz#1645461 - Slow ldb search causes blocking during startup
which might cause the registration to time out

[1.16.4-7]
- Resolves: rhbz#1685581 - Extend cached_auth_timeout to cover
subdomains / trusts

[1.16.4-6]
- Resolves: rhbz#1671138 - User is unable to perform sudo as a user on IPA
Server, even though 'sudo -l' shows permissions
to do so

[1.16.4-5]
- Resolves: rhbz#1657806 - [RFE]: Optionally disable generating auto private
groups for subdomains of an AD provider

[1.16.4-4]
- Resolves: rhbz#1641131 - [RFE] Need an option in SSSD so that it will skip
GPOs that have groupPolicyContainers, unreadable
by SSSD.
- Resolves: rhbz#1660874 - CVE-2018-16838 sssd: improper implementation of
GPOs due to too restrictive permissions [rhel-7]

[1.16.4-3]
- Resolves: rhbz#1631656 - KCM: kinit: Matching credential not found while
getting default ccache

[1.16.4-2]
- Resolves: rhbz#1406678 - sssd service is starting before network service
- Resolves: rhbz#1616853 - SSSD always boots in Offline mode

[1.16.4-1]
- Resolves: rhbz#1658994 - Rebase SSSD to 1.16.x

[1.16.2-17]
- Resolves: rhbz#1603311 - Enable generating user private groups only for
users with uid == gid where gid does not
correspond to a real LDAP group

[1.16.2-16]
- Resolves: rhbz#1602172 - SSSDs LDAP authentication provider does not work
if ID provider is authenticated with GSSAPI

[1.16.2-15]
- Resolves: rhbz#1622109 - SSSD not fetching all sudo rules from AD

[1.16.2-14]
- Resolves: rhbz#1619706 - sssd only sets the SELinux login context if it
differs from the default

Related CVEs

CVE-2018-16838

CVE-2019-3811

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	sssd-1.16.4-21.el7.src.rpm	7849d10fc41efa26c62372b64ecbc1a7	ELBA-2021-0341
	libipa_hbac-1.16.4-21.el7.aarch64.rpm	fa04244b9278973369a0c1a6de4565a4	ELBA-2021-0341
	libipa_hbac-devel-1.16.4-21.el7.aarch64.rpm	27f0348271bc3c5abcdc6e73fd5058fd	ELBA-2021-0341
	libsss_autofs-1.16.4-21.el7.aarch64.rpm	81468337472eb323e8a212d4ddbcc9a3	ELBA-2021-0341
	libsss_certmap-1.16.4-21.el7.aarch64.rpm	7d2f48b04440776bb15e18fde102f991	ELBA-2021-0341
	libsss_certmap-devel-1.16.4-21.el7.aarch64.rpm	084f0113f12d52a9d25fb44ebaae3372	ELBA-2021-0341
	libsss_idmap-1.16.4-21.el7.aarch64.rpm	4a367a3c496b9fb738b6ff7eee662cfd	ELBA-2021-0341
	libsss_idmap-devel-1.16.4-21.el7.aarch64.rpm	b212acbded1a5f51c89f2e0479ec5496	ELBA-2021-0341
	libsss_nss_idmap-1.16.4-21.el7.aarch64.rpm	f038d5d3f9c4e45c4a43742ae7ab5939	ELBA-2021-0341
	libsss_nss_idmap-devel-1.16.4-21.el7.aarch64.rpm	d477ca55268a8a18b6c9ff53cd62a23f	ELBA-2021-0341
	libsss_simpleifp-1.16.4-21.el7.aarch64.rpm	d031eb856d07c0afb7593fee16ac402d	ELBA-2021-0341
	libsss_simpleifp-devel-1.16.4-21.el7.aarch64.rpm	375884f5857f982d6e501069df2454e2	ELBA-2021-0341
	libsss_sudo-1.16.4-21.el7.aarch64.rpm	2a226dbee8e7414e7d494fa0c57872a4	ELBA-2021-0341
	python-libipa_hbac-1.16.4-21.el7.aarch64.rpm	c8dd902c44fb1a1910362c20fe7f2301	ELBA-2021-0341
	python-libsss_nss_idmap-1.16.4-21.el7.aarch64.rpm	9d7368c4f20d676677d7e730cb61810f	ELBA-2021-0341
	python-sss-1.16.4-21.el7.aarch64.rpm	c5224ff78fa94143890226ae712fab96	ELBA-2021-0341
	python-sss-murmur-1.16.4-21.el7.aarch64.rpm	b453c69a3d3daa7cffdab9412bc80044	ELBA-2021-0341
	python-sssdconfig-1.16.4-21.el7.noarch.rpm	bb267686d73d424d047d86b88a5414bf	ELBA-2021-0341
	sssd-1.16.4-21.el7.aarch64.rpm	fa1a2f6174eb3101a6ba62171ba4b0a5	ELBA-2021-0341
	sssd-ad-1.16.4-21.el7.aarch64.rpm	d387d994109085358f689da05128e2f0	ELBA-2021-0341
	sssd-client-1.16.4-21.el7.aarch64.rpm	a88172bb1a7c84ce7d5437adf4e3ee5f	ELBA-2021-0341
	sssd-common-1.16.4-21.el7.aarch64.rpm	8afd35701304f52ba11e1571c4ed0023	ELBA-2021-0341
	sssd-common-pac-1.16.4-21.el7.aarch64.rpm	b3474e5e3b4376d56462b40e4fe1b171	ELBA-2021-0341
	sssd-dbus-1.16.4-21.el7.aarch64.rpm	4662b73f3ae8cc90f31518e56412a961	ELBA-2021-0341
	sssd-ipa-1.16.4-21.el7.aarch64.rpm	2eeebbf91aaac85aeeda0daae706cf3c	ELBA-2021-0341
	sssd-kcm-1.16.4-21.el7.aarch64.rpm	833af672977ea05d4875e983794b3b4e	ELBA-2021-0341
	sssd-krb5-1.16.4-21.el7.aarch64.rpm	a606626f2056b851122510f1dbc5fb2b	ELBA-2021-0341
	sssd-krb5-common-1.16.4-21.el7.aarch64.rpm	191684102d7d2e78e5ad68a7e47806e7	ELBA-2021-0341
	sssd-ldap-1.16.4-21.el7.aarch64.rpm	9aed69af514890476828a0b5864be155	ELBA-2021-0341
	sssd-libwbclient-1.16.4-21.el7.aarch64.rpm	92c2cd3f054f32bd82513e4dc89d4c79	ELBA-2021-0341
	sssd-libwbclient-devel-1.16.4-21.el7.aarch64.rpm	8906d7cc73ca65190c9650ec075faec2	ELBA-2021-0341
	sssd-polkit-rules-1.16.4-21.el7.aarch64.rpm	76fbe2a4c54749ebd0daac89aabc91d7	ELBA-2021-0341
	sssd-proxy-1.16.4-21.el7.aarch64.rpm	2c20627d84fc58f851981328844e7629	ELBA-2021-0341
	sssd-tools-1.16.4-21.el7.aarch64.rpm	3aa4de9f5a9de00ef3c957d0269660ee	ELBA-2021-0341
	sssd-winbind-idmap-1.16.4-21.el7.aarch64.rpm	96f2207e041666497cd1d7d9e98084d5	ELBA-2021-0341

Oracle Linux 7 (x86_64)	sssd-1.16.4-21.el7.src.rpm	7849d10fc41efa26c62372b64ecbc1a7	ELBA-2021-0341
	libipa_hbac-1.16.4-21.el7.i686.rpm	0ab762e5c4e2b26e6cc3ddd8816a2f33	ELBA-2021-0341
	libipa_hbac-1.16.4-21.el7.x86_64.rpm	fccde55f070ee45c37f389d0957080a2	ELBA-2021-0341
	libipa_hbac-devel-1.16.4-21.el7.i686.rpm	7f5b89e068e3d1d1d7a2620024ca232b	ELBA-2021-0341
	libipa_hbac-devel-1.16.4-21.el7.x86_64.rpm	1735829d79d8e975e8458d9604b9870d	ELBA-2021-0341
	libsss_autofs-1.16.4-21.el7.x86_64.rpm	3aa155dcd33d0e312ace0bed1db2ecdd	ELBA-2021-0341
	libsss_certmap-1.16.4-21.el7.i686.rpm	87791a9ec2e909b2d576212bb21fb208	ELBA-2021-0341
	libsss_certmap-1.16.4-21.el7.x86_64.rpm	53d2fc1b9d8c617fc357943aa3b105a0	ELBA-2021-0341
	libsss_certmap-devel-1.16.4-21.el7.i686.rpm	7b35e02346da10b5b4c4c512a44ecc52	ELBA-2021-0341
	libsss_certmap-devel-1.16.4-21.el7.x86_64.rpm	07d480d3938ab044cf2c51e4db4557b4	ELBA-2021-0341
	libsss_idmap-1.16.4-21.el7.i686.rpm	1968e52c26273aed74848ce08ca7aa0e	ELBA-2021-0341
	libsss_idmap-1.16.4-21.el7.x86_64.rpm	9cffb6ca1909c94575d88e98b201ed04	ELBA-2021-0341
	libsss_idmap-devel-1.16.4-21.el7.i686.rpm	53c49d4ec652fd9006f902769254bc9a	ELBA-2021-0341
	libsss_idmap-devel-1.16.4-21.el7.x86_64.rpm	af86e97e7d10d4677611deb23c01da41	ELBA-2021-0341
	libsss_nss_idmap-1.16.4-21.el7.i686.rpm	9c0dc891a71ae09ac6f8f3d31f860296	ELBA-2021-0341
	libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm	aa0d582a22a9e3d5708d02cc7b552c73	ELBA-2021-0341
	libsss_nss_idmap-devel-1.16.4-21.el7.i686.rpm	4b6ed1890eb9291ffb4f87b33186908d	ELBA-2021-0341
	libsss_nss_idmap-devel-1.16.4-21.el7.x86_64.rpm	a3690d46496e795c5e69b32a582855ab	ELBA-2021-0341
	libsss_simpleifp-1.16.4-21.el7.i686.rpm	269f6b1ed2cd74214db19c75cbabdeea	ELBA-2021-0341
	libsss_simpleifp-1.16.4-21.el7.x86_64.rpm	659a30911464d539d1ba79d064504f95	ELBA-2021-0341
	libsss_simpleifp-devel-1.16.4-21.el7.i686.rpm	0ee2939278462fec127846885eb08139	ELBA-2021-0341
	libsss_simpleifp-devel-1.16.4-21.el7.x86_64.rpm	6801cc629678c5cd57f4f3c5082e277e	ELBA-2021-0341
	libsss_sudo-1.16.4-21.el7.x86_64.rpm	b35e4ed3b07c73fca382c89db128dbcb	ELBA-2021-0341
	python-libipa_hbac-1.16.4-21.el7.x86_64.rpm	3f023809774f36c6ca22d7a8b062336f	ELBA-2021-0341
	python-libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm	d6cad56f27de408711a06aac40084ea8	ELBA-2021-0341
	python-sss-1.16.4-21.el7.x86_64.rpm	18b45a3ed0e9ebf12563d0fa0dc2ebac	ELBA-2021-0341
	python-sss-murmur-1.16.4-21.el7.x86_64.rpm	21c4d6b1de9fff247dc5c1b4ddb1e6c0	ELBA-2021-0341
	python-sssdconfig-1.16.4-21.el7.noarch.rpm	bb267686d73d424d047d86b88a5414bf	ELBA-2021-0341
	sssd-1.16.4-21.el7.x86_64.rpm	2c4d1f57eb521209c35e7c1e6705c648	ELBA-2021-0341
	sssd-ad-1.16.4-21.el7.x86_64.rpm	996c16f4db9fa9b4dee258692088efbd	ELBA-2021-0341
	sssd-client-1.16.4-21.el7.i686.rpm	3db18272c5462805e50adf329013e505	ELBA-2021-0341
	sssd-client-1.16.4-21.el7.x86_64.rpm	4f1a83935b04ee4555e6eba34df5ce0e	ELBA-2021-0341
	sssd-common-1.16.4-21.el7.x86_64.rpm	b49d94017513fe38f267e7816cdc6ef3	ELBA-2021-0341
	sssd-common-pac-1.16.4-21.el7.x86_64.rpm	d266a3eade2c923991c5d38746b94af7	ELBA-2021-0341
	sssd-dbus-1.16.4-21.el7.x86_64.rpm	8ec458fa532b0d9c4453ddbde571138c	ELBA-2021-0341
	sssd-ipa-1.16.4-21.el7.x86_64.rpm	b4637bcecd197b7f6049d34a06674707	ELBA-2021-0341
	sssd-kcm-1.16.4-21.el7.x86_64.rpm	96e05e7081a4d8d698acfba1697eec48	ELBA-2021-0341
	sssd-krb5-1.16.4-21.el7.x86_64.rpm	d29eb9ef7a7ca14f945d80a4454d8786	ELBA-2021-0341
	sssd-krb5-common-1.16.4-21.el7.x86_64.rpm	6db3b1b881cc6d62f66cd27ac7e0001b	ELBA-2021-0341
	sssd-ldap-1.16.4-21.el7.x86_64.rpm	f8e3c18192176e00d1bfd3773e9cae8a	ELBA-2021-0341
	sssd-libwbclient-1.16.4-21.el7.x86_64.rpm	2fc83c56f56e8689a6d6d486e5755862	ELBA-2021-0341
	sssd-libwbclient-devel-1.16.4-21.el7.i686.rpm	ae7422a19131352a2cf3001e78e04d6f	ELBA-2021-0341
	sssd-libwbclient-devel-1.16.4-21.el7.x86_64.rpm	12e840a56024d8b4fa68330da4eed708	ELBA-2021-0341
	sssd-polkit-rules-1.16.4-21.el7.x86_64.rpm	ae672eb238be63213ff134ea9fe4e77f	ELBA-2021-0341
	sssd-proxy-1.16.4-21.el7.x86_64.rpm	3a1e3a1cbe47a1e139b9c368bff98239	ELBA-2021-0341
	sssd-tools-1.16.4-21.el7.x86_64.rpm	3db254eb68187cc5a819341cd76ed2ba	ELBA-2021-0341
	sssd-winbind-idmap-1.16.4-21.el7.x86_64.rpm	85133424a3b6002620789fb936b12c21	ELBA-2021-0341

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691