UbuntuUpdates.org

Package "sssd"

Name: sssd

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Python3 bindings for the FreeIPA HBAC Evaluator library
  • Python3 bindings for the SID lookups library
  • System Security Services Daemon -- Kerberos KCM server implementation

Latest version: 2.2.3-3ubuntu0.12
Release: focal (20.04)
Level: security
Repository: universe

Links



Other versions of "sssd" in Focal

Repository Area Version
base main 2.2.3-3
security main 2.2.3-3ubuntu0.12
updates universe 2.2.3-3ubuntu0.12
updates main 2.2.3-3ubuntu0.12

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.2.3-3ubuntu0.12 2023-06-16 13:07:06 UTC

  sssd (2.2.3-3ubuntu0.12) focal-security; urgency=medium

  * Fix crash with mismatched packages (LP: #2023598)
    - debian/control: add a versioned dependency on libsss-certmap0 to the
      sssd-common package.

 -- Marc Deslauriers <email address hidden> Thu, 15 Jun 2023 18:16:57 -0400

Source diff to previous version
2023598 Too loose Depends constraints in sssd-common causes critical crash

Version: 2.2.3-3ubuntu0.11 2023-06-12 13:07:08 UTC

  sssd (2.2.3-3ubuntu0.11) focal-security; urgency=medium

  * SECURITY UPDATE: libsss_certmap fails to sanitise certificate data used
    in LDAP filters
    - debian/patches/CVE-2022-4254.patch: sanitize LDAP search filter in
      Makefile.am, src/lib/certmap/sss_certmap.c,
      src/lib/certmap/sss_certmap.exports, src/lib/certmap/sss_certmap.h,
      src/responder/pam/pamsrv_p11.c, src/tests/cmocka/test_certmap.c,
      src/util/util.c, src/util/util_ext.c.
    - CVE-2022-4254

 -- Marc Deslauriers <email address hidden> Tue, 06 Jun 2023 09:22:35 -0400

Source diff to previous version
CVE-2022-4254 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters

Version: 2.2.3-3ubuntu0.10 2023-03-08 15:06:51 UTC

  sssd (2.2.3-3ubuntu0.10) focal-security; urgency=medium

  * No-change rebuild against samba security update.

 -- Marc Deslauriers <email address hidden> Fri, 03 Mar 2023 08:21:36 -0500

Source diff to previous version

Version: 2.2.3-3ubuntu0.8 2021-11-11 13:06:48 UTC

  sssd (2.2.3-3ubuntu0.8) focal-security; urgency=medium

  * No-change rebuild against samba security update.

 -- Marc Deslauriers <email address hidden> Wed, 10 Nov 2021 10:20:51 -0500

Source diff to previous version

Version: 2.2.3-3ubuntu0.7 2021-09-08 13:06:54 UTC

  sssd (2.2.3-3ubuntu0.7) focal-security; urgency=medium

  * SECURITY UPDATE: shell command injection in sssctl comment
    - debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
      avoid execution of user supplied command in
      src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
      src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
    - CVE-2021-3621

 -- Marc Deslauriers <email address hidden> Wed, 18 Aug 2021 08:19:23 -0400

CVE-2021-3621 shell command injection in sssctl



About   -   Send Feedback to @ubuntu_updates