File _patchinfo of Package patchinfo.11278

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.11278

<patchinfo incident="11278">
  <issue tracker="bnc" id="1124194">VUL-0: CVE-2018-16838: sssd: improper implementation of GPOs due to too restrictive permissions</issue>
  <issue tracker="bnc" id="1132879">SSSD is not working with AD GPO</issue>
  <issue tracker="bnc" id="1135247">L3: sssd: sudo "defaults" rule ignored</issue>
  <issue tracker="bnc" id="1132657">L3-Question: Invalid pointer dereference in sssd-1.16.1-2.8.x86_64</issue>
  <issue tracker="cve" id="2018-16838"/>
  <category>security</category>
  <summary>Security update for sssd</summary>
  <rating>moderate</rating>
  <packager>scabrero</packager>
  <description>This update for sssd fixes the following issues:

Security issue fixed:

- CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation (bsc#1124194).

Non-security issues fixed:

- Allow defaults sudoRole without sudoUser attribute (bsc#1135247)
- Missing GPOs directory could have led to login problems (bsc#1132879)
- Fix a crash by adding a netgroup counter to struct nss_enum_index (bsc#1132657)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.11278

Places