Security update for sssd
This update for sssd fixes the following issues:
Security issue fixed:
- CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation (bsc#1124194).
Non-security issues fixed:
- Allow defaults sudoRole without sudoUser attribute (bsc#1135247)
- Missing GPOs directory could have led to login problems (bsc#1132879)
- Fix a crash by adding a netgroup counter to struct nss_enum_index (bsc#1132657)
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Samuel Cabrero (scabrero)
Fixed bugs
bnc#1124194
VUL-0: CVE-2018-16838: sssd: improper implementation of GPOs due to too restrictive permissions
bnc#1132879
SSSD is not working with AD GPO
bnc#1135247
L3: sssd: sudo "defaults" rule ignored
bnc#1132657
L3-Question: Invalid pointer dereference in sssd-1.16.1-2.8.x86_64
