Oval Definition:oval:org.opensuse.security:def:50403
Revision Date:2020-12-01Version:1
Title:Security update for sssd (Moderate)
Description:

This update for sssd fixes the following issues:

Security issue fixed:

- CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation (bsc#1124194).

Non-security issues fixed:

- Allow defaults sudoRole without sudoUser attribute (bsc#1135247) - Missing GPOs directory could have led to login problems (bsc#1132879) - Fix a crash by adding a netgroup counter to struct nss_enum_index (bsc#1132657)
Family:unixClass:patch
Status:Reference(s):1081947
1082293
1085196
1101688
1101689
1103203
1106214
1119069
1120374
1121197
1122417
1122983
1124194
1125886
1129186
1131595
1132091
1132657
1132879
1133534
1135247
1135534
1135708
1137832
1141861
1141862
1146098
1146105
1146107
1149943
1149944
1158095
1160467
1160468
1160968
1162501
1165528
1166751
1169511
1169658
1171352
1172277
1177158
353876
CVE-2018-12404
CVE-2018-1333
CVE-2018-16838
CVE-2018-18500
CVE-2018-18501
CVE-2018-18505
CVE-2018-8011
CVE-2019-11023
CVE-2019-12749
CVE-2019-14889
CVE-2019-14896
CVE-2019-14897
CVE-2019-20446
CVE-2019-2949
CVE-2019-3838
CVE-2019-3886
CVE-2019-9848
CVE-2019-9849
CVE-2019-9850
CVE-2019-9851
CVE-2019-9852
CVE-2019-9854
CVE-2019-9855
CVE-2020-0556
CVE-2020-10018
CVE-2020-11793
CVE-2020-14355
CVE-2020-2654
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
SUSE-SU-2018:2424-1
SUSE-SU-2019:0273-1
SUSE-SU-2019:0718-1
SUSE-SU-2019:1267-1
SUSE-SU-2019:1285-1
SUSE-SU-2019:1476-1
SUSE-SU-2019:1595-1
SUSE-SU-2019:2392-1
SUSE-SU-2019:2402-1
SUSE-SU-2020:0130-1
SUSE-SU-2020:0629-2
SUSE-SU-2020:0918-1
SUSE-SU-2020:1109-1
SUSE-SU-2020:1684-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • xorg-x11-devel-7.4-8.26.40 is installed
  • OR xorg-x11-libs-7.4-8.26.40 is installed
  • OR xorg-x11-libs-32bit-7.4-8.26.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • compat-openssl097g-0.9.7g-146.22.31 is installed
  • OR compat-openssl097g-32bit-0.9.7g-146.22.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • xen-4.4.2_12-23 is installed
  • OR xen-doc-html-4.4.2_12-23 is installed
  • OR xen-kmp-default-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-kmp-pae-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-libs-4.4.2_12-23 is installed
  • OR xen-libs-32bit-4.4.2_12-23 is installed
  • OR xen-tools-4.4.2_12-23 is installed
  • OR xen-tools-domU-4.4.2_12-23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • gd-2.1.0-3 is installed
  • OR gd-32bit-2.1.0-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • gd-2.1.0-5 is installed
  • OR gd-32bit-2.1.0-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • gnome-online-accounts-3.20.4-7 is installed
  • OR gnome-online-accounts-lang-3.20.4-7 is installed
  • OR libgoa-1_0-0-3.20.4-7 is installed
  • OR libgoa-1_0-0-32bit-3.20.4-7 is installed
  • OR libgoa-backend-1_0-1-3.20.4-7 is installed
  • OR typelib-1_0-Goa-1_0-3.20.4-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • expat-2.1.0-20 is installed
  • OR libexpat1-2.1.0-20 is installed
  • OR libexpat1-32bit-2.1.0-20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND cvs-1.12.12-182.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • librsvg-2.42.8-3.3 is installed
  • OR rsvg-view-2.42.8-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 is installed
  • AND Package Information
  • libipa_hbac-devel-1.16.1-3.24 is installed
  • OR libipa_hbac0-1.16.1-3.24 is installed
  • OR libsss_certmap-devel-1.16.1-3.24 is installed
  • OR libsss_certmap0-1.16.1-3.24 is installed
  • OR libsss_idmap-devel-1.16.1-3.24 is installed
  • OR libsss_idmap0-1.16.1-3.24 is installed
  • OR libsss_nss_idmap-devel-1.16.1-3.24 is installed
  • OR libsss_nss_idmap0-1.16.1-3.24 is installed
  • OR libsss_simpleifp-devel-1.16.1-3.24 is installed
  • OR libsss_simpleifp0-1.16.1-3.24 is installed
  • OR python3-sssd-config-1.16.1-3.24 is installed
  • OR sssd-1.16.1-3.24 is installed
  • OR sssd-ad-1.16.1-3.24 is installed
  • OR sssd-dbus-1.16.1-3.24 is installed
  • OR sssd-ipa-1.16.1-3.24 is installed
  • OR sssd-krb5-1.16.1-3.24 is installed
  • OR sssd-krb5-common-1.16.1-3.24 is installed
  • OR sssd-ldap-1.16.1-3.24 is installed
  • OR sssd-proxy-1.16.1-3.24 is installed
  • OR sssd-tools-1.16.1-3.24 is installed
  • OR sssd-wbclient-1.16.1-3.24 is installed
  • OR sssd-wbclient-devel-1.16.1-3.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.10-3.38 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.10-3.38 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.10-3.38 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.10-3.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_27-default-5-2 is installed
  • OR kernel-livepatch-SLE15_Update_12-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • MozillaFirefox-60.5.0-3.24 is installed
  • OR MozillaFirefox-branding-upstream-60.5.0-3.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • dbus-1-1.12.2-8.3 is installed
  • OR dbus-1-devel-32bit-1.12.2-8.3 is installed
  • OR dbus-1-devel-doc-1.12.2-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • spice-gtk-0.37-3.3 is installed
  • OR spice-gtk-lang-0.37-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 is installed
  • AND Package Information
  • apache2-2.4.33-3.3 is installed
  • OR apache2-devel-2.4.33-3.3 is installed
  • OR apache2-doc-2.4.33-3.3 is installed
  • OR apache2-prefork-2.4.33-3.3 is installed
  • OR apache2-utils-2.4.33-3.3 is installed
  • OR apache2-worker-2.4.33-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • xen-4.13.1_04-3.4 is installed
  • OR xen-devel-4.13.1_04-3.4 is installed
  • OR xen-tools-4.13.1_04-3.4 is installed
  • OR xen-tools-xendomains-wait-disk-4.13.1_04-3.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND apache-commons-beanutils-1.9.2-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libmpfr4-3.1.2-7 is installed
  • OR libmpfr4-32bit-3.1.2-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_32-default-4-3 is installed
  • OR kgraft-patch-3_12_69-60_64_32-xen-4-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_13-4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libQt5WebKit5-5.6.1-9 is installed
  • OR libQt5WebKit5-imports-5.6.1-9 is installed
  • OR libQt5WebKitWidgets5-5.6.1-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • MozillaFirefox-52.8.1esr-109.34 is installed
  • OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.2.2esr-109.46 is installed
  • OR MozillaFirefox-branding-SLE-60-32.3 is installed
  • OR MozillaFirefox-devel-60.2.2esr-109.46 is installed
  • OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed
  • OR apache2-mod_nss-1.0.14-19.6 is installed
  • OR libfreebl3-3.36.4-58.15 is installed
  • OR libfreebl3-32bit-3.36.4-58.15 is installed
  • OR libfreebl3-hmac-3.36.4-58.15 is installed
  • OR libfreebl3-hmac-32bit-3.36.4-58.15 is installed
  • OR libsoftokn3-3.36.4-58.15 is installed
  • OR libsoftokn3-32bit-3.36.4-58.15 is installed
  • OR libsoftokn3-hmac-3.36.4-58.15 is installed
  • OR libsoftokn3-hmac-32bit-3.36.4-58.15 is installed
  • OR mozilla-nspr-4.19-19.3 is installed
  • OR mozilla-nspr-32bit-4.19-19.3 is installed
  • OR mozilla-nss-3.36.4-58.15 is installed
  • OR mozilla-nss-32bit-3.36.4-58.15 is installed
  • OR mozilla-nss-certs-3.36.4-58.15 is installed
  • OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed
  • OR mozilla-nss-sysinit-3.36.4-58.15 is installed
  • OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed
  • OR mozilla-nss-tools-3.36.4-58.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND clamav-0.100.1-33.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • eog-3.20.4-7 is installed
  • OR eog-lang-3.20.4-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_72-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_22-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.10-3.38 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.10-3.38 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.10-3.38 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.10-3.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND squid-4.13-5.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • MozillaThunderbird-52.9.1-3.7 is installed
  • OR MozillaThunderbird-devel-52.9.1-3.7 is installed
  • OR MozillaThunderbird-translations-common-52.9.1-3.7 is installed
  • OR MozillaThunderbird-translations-other-52.9.1-3.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-ceilometer-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-central-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-compute-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-ipmi-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-notification-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-alarm-evaluator-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-alarm-notifier-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-api-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-collector-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-doc-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-polling-5.0.4~a0~dev6-6 is installed
  • OR openstack-cinder-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-api-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-backup-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-doc-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-scheduler-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-volume-7.0.3~a0~dev2-7 is installed
  • OR openstack-dashboard-8.0.2~a0~dev34-8 is installed
  • OR openstack-glance-11.0.2~a0~dev13-7 is installed
  • OR openstack-glance-doc-11.0.2~a0~dev13-7 is installed
  • OR openstack-heat-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-api-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-api-cfn-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-api-cloudwatch-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-doc-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-engine-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-plugin-heat_docker-5.0.2~a0~dev93-9 is installed
  • OR openstack-keystone-8.1.1~a0~dev13-3 is installed
  • OR openstack-keystone-doc-8.1.1~a0~dev13-3 is installed
  • OR openstack-manila-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-api-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-doc-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-scheduler-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-share-1.0.2~a0~dev11-9 is installed
  • OR openstack-neutron-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-dhcp-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-doc-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-fwaas-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-fwaas-doc-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-ha-tool-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-l3-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-lbaas-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-lbaas-agent-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-lbaas-doc-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-linuxbridge-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-metadata-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-metering-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-mlnx-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-nvsd-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-openvswitch-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-restproxy-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-server-7.1.2~a0~dev29-10 is installed
  • OR openstack-nova-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-api-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-cells-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-cert-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-compute-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-conductor-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-console-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-consoleauth-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-doc-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-novncproxy-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-objectstore-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-scheduler-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-serialproxy-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-vncproxy-12.0.5~a0~dev2-7 is installed
  • OR openstack-resource-agents-1.0+git.1467079370.4f2c49d-7 is installed
  • OR python-ceilometer-5.0.4~a0~dev6-6 is installed
  • OR python-cinder-7.0.3~a0~dev2-7 is installed
  • OR python-glance-11.0.2~a0~dev13-7 is installed
  • OR python-heat-5.0.2~a0~dev93-9 is installed
  • OR python-horizon-8.0.2~a0~dev34-8 is installed
  • OR python-keystone-8.1.1~a0~dev13-3 is installed
  • OR python-manila-1.0.2~a0~dev11-9 is installed
  • OR python-networking-cisco-2.1.1-6 is installed
  • OR python-neutron-7.1.2~a0~dev29-10 is installed
  • OR python-neutron-fwaas-7.1.2~a0~dev1-6 is installed
  • OR python-neutron-lbaas-7.1.2~a0~dev1-6 is installed
  • OR python-nova-12.0.5~a0~dev2-7 is installed
  • OR python-openstackclient-1.7.2-4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND clamav-0.100.2-33.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • perl-5.18.2-12.20 is installed
  • OR perl-32bit-5.18.2-12.20 is installed
  • OR perl-base-5.18.2-12.20 is installed
  • OR perl-doc-5.18.2-12.20 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • BACK