| Revision Date: | 2020-12-01 | Version: | 1 |
| Title: | Security update for sssd (Moderate) |
| Description: |
This update for sssd fixes the following issues:
Security issue fixed:
- CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation (bsc#1124194).
Non-security issues fixed:
- Allow defaults sudoRole without sudoUser attribute (bsc#1135247) - Missing GPOs directory could have led to login problems (bsc#1132879) - Fix a crash by adding a netgroup counter to struct nss_enum_index (bsc#1132657)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1012382
1043912
1044189
1046302
1046306
1046307
1046543
1050244
1051510
1054914
1055014
1055117
1058659
1060463
1061305
1064232
1065600
1065729
1068032
1069138
1071995
1077761
1077989
1078720
1080157
1082555
1083647
1083663
1084332
1085042
1085262
1086282
1089663
1090528
1092903
1093389
1093447
1094244
1095344
1096748
1097105
1098459
1098822
1099922
1099999
1100000
1100001
1100132
1100397
1101557
1101669
1102346
1102870
1102875
1102877
1102879
1102882
1102896
1103363
1103387
1103421
1103948
1103949
1103961
1104172
1104353
1104824
1105247
1105524
1105536
1105597
1105603
1105672
1105907
1106007
1106016
1106105
1106121
1106170
1106178
1106191
1106229
1106230
1106231
1106233
1106235
1106236
1106237
1106238
1106240
1106291
1106297
1106333
1106369
1106426
1106427
1106464
1106509
1106511
1106594
1106636
1106688
1106697
1106743
1106779
1106800
1106890
1106891
1106892
1106893
1106894
1106896
1106897
1106898
1106899
1106900
1106901
1106902
1106903
1106905
1106906
1106948
1106995
1107008
1107060
1107061
1107065
1107073
1107074
1107078
1107265
1107319
1107320
1107522
1107535
1107689
1107735
1107756
1107870
1107924
1107945
1107966
1108010
1108093
1108243
1108520
1108870
1109269
1109511
1120489
1123886
1124194
1132657
1132879
1134209
1135247
1135350
1140290
1144902
1144903
1144919
1145095
1146090
1146091
1146093
1146094
1146095
1146097
1146099
1146100
1146360
1148539
1148742
1149841
1151021
1151455
1151793
1152143
1153108
1153158
1153161
1154289
1154598
1156146
1157179
1160398
1169511
1171352
1171999
920344
CVE-2017-14988
CVE-2017-18594
CVE-2018-10196
CVE-2018-10938
CVE-2018-10940
CVE-2018-1128
CVE-2018-1129
CVE-2018-12896
CVE-2018-13093
CVE-2018-13094
CVE-2018-13095
CVE-2018-14613
CVE-2018-14617
CVE-2018-15173
CVE-2018-16658
CVE-2018-16838
CVE-2018-20217
CVE-2018-6554
CVE-2018-6555
CVE-2019-10218
CVE-2019-10220
CVE-2019-11041
CVE-2019-11042
CVE-2019-11048
CVE-2019-13173
CVE-2019-14818
CVE-2019-14833
CVE-2019-14835
CVE-2019-14847
CVE-2019-17133
CVE-2019-9511
CVE-2019-9512
CVE-2019-9513
CVE-2019-9514
CVE-2019-9515
CVE-2019-9516
CVE-2019-9517
CVE-2019-9518
CVE-2020-2754
CVE-2020-2755
CVE-2020-2756
CVE-2020-2757
CVE-2020-2773
CVE-2020-2781
CVE-2020-2800
CVE-2020-2803
CVE-2020-2805
CVE-2020-2830
SUSE-SU-2018:2980-1
SUSE-SU-2019:1476-1
SUSE-SU-2019:2043-1
SUSE-SU-2019:2055-1
SUSE-SU-2019:2260-1
SUSE-SU-2019:2425-1
SUSE-SU-2019:2503-1
SUSE-SU-2019:2866-1
SUSE-SU-2019:3212-1
SUSE-SU-2020:0439-1
SUSE-SU-2020:1661-2
|
| Platform(s): | SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Server Applications 15
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information
libpython2_6-1_0-2.6.9-0.31 is installed
OR libpython2_6-1_0-32bit-2.6.9-0.31 is installed
OR python-2.6.9-0.31 is installed
OR python-base-2.6.9-0.31 is installed
OR python-base-32bit-2.6.9-0.31 is installed
OR python-curses-2.6.9-0.31 is installed
OR python-devel-2.6.9-0.31 is installed
OR python-tk-2.6.9-0.31 is installed
OR python-xml-2.6.9-0.31 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP4 is installed
AND Package Information
krb5-1.6.3-133.49.106 is installed
OR krb5-32bit-1.6.3-133.49.106 is installed
OR krb5-client-1.6.3-133.49.106 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
bash-4.2-75 is installed
OR bash-doc-4.2-75 is installed
OR bash-lang-4.2-75 is installed
OR libreadline6-6.2-75 is installed
OR libreadline6-32bit-6.2-75 is installed
OR readline-doc-6.2-75 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
cups-filters-1.0.58-8 is installed
OR cups-filters-cups-browsed-1.0.58-8 is installed
OR cups-filters-foomatic-rip-1.0.58-8 is installed
OR cups-filters-ghostscript-1.0.58-8 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed
AND Package Information
e2fsprogs-1.42.11-7 is installed
OR libcom_err2-1.42.11-7 is installed
OR libcom_err2-32bit-1.42.11-7 is installed
OR libext2fs2-1.42.11-7 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
dbus-1-glib-0.100.2-3 is installed
OR dbus-1-glib-32bit-0.100.2-3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
cpp48-4.8.5-31.17 is installed
OR gcc48-4.8.5-31.17 is installed
OR gcc48-32bit-4.8.5-31.17 is installed
OR gcc48-c++-4.8.5-31.17 is installed
OR gcc48-gij-4.8.5-31.17 is installed
OR gcc48-gij-32bit-4.8.5-31.17 is installed
OR gcc48-info-4.8.5-31.17 is installed
OR libasan0-4.8.5-31.17 is installed
OR libasan0-32bit-4.8.5-31.17 is installed
OR libgcj48-4.8.5-31.17 is installed
OR libgcj48-32bit-4.8.5-31.17 is installed
OR libgcj48-jar-4.8.5-31.17 is installed
OR libgcj_bc1-4.8.5-31.17 is installed
OR libstdc++48-devel-4.8.5-31.17 is installed
OR libstdc++48-devel-32bit-4.8.5-31.17 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
AND Package Information
php7-7.2.5-4.58 is installed
OR php7-embed-7.2.5-4.58 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
AND Package Information
libipa_hbac-devel-1.16.1-3.24 is installed
OR libipa_hbac0-1.16.1-3.24 is installed
OR libsss_certmap-devel-1.16.1-3.24 is installed
OR libsss_certmap0-1.16.1-3.24 is installed
OR libsss_idmap-devel-1.16.1-3.24 is installed
OR libsss_idmap0-1.16.1-3.24 is installed
OR libsss_nss_idmap-devel-1.16.1-3.24 is installed
OR libsss_nss_idmap0-1.16.1-3.24 is installed
OR libsss_simpleifp-devel-1.16.1-3.24 is installed
OR libsss_simpleifp0-1.16.1-3.24 is installed
OR python3-sssd-config-1.16.1-3.24 is installed
OR sssd-1.16.1-3.24 is installed
OR sssd-ad-1.16.1-3.24 is installed
OR sssd-dbus-1.16.1-3.24 is installed
OR sssd-ipa-1.16.1-3.24 is installed
OR sssd-krb5-1.16.1-3.24 is installed
OR sssd-krb5-common-1.16.1-3.24 is installed
OR sssd-ldap-1.16.1-3.24 is installed
OR sssd-proxy-1.16.1-3.24 is installed
OR sssd-tools-1.16.1-3.24 is installed
OR sssd-wbclient-1.16.1-3.24 is installed
OR sssd-wbclient-devel-1.16.1-3.24 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Legacy Software 15 is installed
AND Package Information
kernel-default-4.12.14-25.19 is installed
OR reiserfs-kmp-default-4.12.14-25.19 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 is installed
AND Package Information
kernel-livepatch-4_12_14-150_14-default-4-2 is installed
OR kernel-livepatch-SLE15_Update_9-4-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
AND Package Information
kernel-livepatch-4_12_14-197_4-default-6-2 is installed
OR kernel-livepatch-SLE15-SP1_Update_1-6-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
AND Package Information
libIlmImf-2_2-23-32bit-2.2.1-3.9 is installed
OR libIlmImfUtil-2_2-23-32bit-2.2.1-3.9 is installed
OR openexr-2.2.1-3.9 is installed
OR openexr-doc-2.2.1-3.9 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Server Applications 15 is installed
AND Package Information
krb5-1.15.2-6.3 is installed
OR krb5-plugin-kdb-ldap-1.15.2-6.3 is installed
OR krb5-server-1.15.2-6.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Web Scripting 15 is installed
AND Package Information
nodejs8-8.15.1-3.17 is installed
OR nodejs8-devel-8.15.1-3.17 is installed
OR nodejs8-docs-8.15.1-3.17 is installed
OR npm8-8.15.1-3.17 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
AND Package Information
nodejs8-8.16.1-3.20 is installed
OR nodejs8-devel-8.16.1-3.20 is installed
OR nodejs8-docs-8.16.1-3.20 is installed
OR npm8-8.16.1-3.20 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1 is installed
AND ant-1.9.4-1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
kgraft-patch-3_12_67-60_64_24-default-9-4 is installed
OR kgraft-patch-3_12_67-60_64_24-xen-9-4 is installed
OR kgraft-patch-SLE12-SP1_Update_11-9-4 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
cups-pk-helper-0.2.5-3 is installed
OR cups-pk-helper-lang-0.2.5-3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
openssh-7.2p2-74.25 is installed
OR openssh-askpass-gnome-7.2p2-74.25 is installed
OR openssh-fips-7.2p2-74.25 is installed
OR openssh-helpers-7.2p2-74.25 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
xen-4.7.5_04-43.33 is installed
OR xen-doc-html-4.7.5_04-43.33 is installed
OR xen-libs-4.7.5_04-43.33 is installed
OR xen-libs-32bit-4.7.5_04-43.33 is installed
OR xen-tools-4.7.5_04-43.33 is installed
OR xen-tools-domU-4.7.5_04-43.33 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3 is installed
AND ipsec-tools-0.8.0-18 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
kgraft-patch-4_4_156-94_64-default-7-2 is installed
OR kgraft-patch-SLE12-SP3_Update_20-7-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND yast2-smt-3.0.14-3.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
cups-1.7.5-20.17 is installed
OR cups-client-1.7.5-20.17 is installed
OR cups-libs-1.7.5-20.17 is installed
OR cups-libs-32bit-1.7.5-20.17 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 15-LTSS is installed
AND Package Information
perl-Mail-SpamAssassin-3.4.2-7.9 is installed
OR perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-7.9 is installed
OR spamassassin-3.4.2-7.9 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server for SAP Applications 15 is installed
AND Package Information
libdcerpc-binding0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libdcerpc-binding0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libdcerpc-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libdcerpc-samr-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libdcerpc-samr0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libdcerpc0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libdcerpc0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-krb5pac-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-krb5pac0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-krb5pac0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-nbt-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-nbt0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-nbt0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-standard-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-standard0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr-standard0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libndr0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libnetapi-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libnetapi0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libnetapi0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-credentials-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-credentials0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-credentials0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-errors-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-errors0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-errors0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-hostconfig-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-hostconfig0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-hostconfig0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-passdb-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-passdb0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-passdb0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-policy-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-policy0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-util-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-util0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamba-util0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamdb-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamdb0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsamdb0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbclient-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbclient0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbclient0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbconf-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbconf0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbconf0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbldap-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbldap2-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libsmbldap2-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libtevent-util-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libtevent-util0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libtevent-util0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libwbclient-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libwbclient0-4.7.11+git.240.76c9942a99f-4.43 is installed
OR libwbclient0-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-client-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-client-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-core-devel-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-libs-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-libs-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-winbind-4.7.11+git.240.76c9942a99f-4.43 is installed
OR samba-winbind-32bit-4.7.11+git.240.76c9942a99f-4.43 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 is installed
AND Package Information
ffmpeg-3.4.2-4.5 is installed
OR libavcodec-devel-3.4.2-4.5 is installed
OR libavformat-devel-3.4.2-4.5 is installed
OR libavformat57-3.4.2-4.5 is installed
OR libavresample-devel-3.4.2-4.5 is installed
OR libavresample3-3.4.2-4.5 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 6 is installed
AND Package Information
java-1_7_1-ibm-1.7.1_sr4.10-38.5 is installed
OR java-1_7_1-ibm-alsa-1.7.1_sr4.10-38.5 is installed
OR java-1_7_1-ibm-devel-1.7.1_sr4.10-38.5 is installed
OR java-1_7_1-ibm-jdbc-1.7.1_sr4.10-38.5 is installed
OR java-1_7_1-ibm-plugin-1.7.1_sr4.10-38.5 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 7 is installed
AND python-tablib-0.9.11-3 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud 8 is installed
AND Package Information
java-1_7_0-openjdk-1.7.0.241-43.30 is installed
OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed
OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed
OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed
|
| Definition Synopsis |
| SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
bzip2-1.0.6-30.8 is installed
OR bzip2-doc-1.0.6-30.8 is installed
OR libbz2-1-1.0.6-30.8 is installed
OR libbz2-1-32bit-1.0.6-30.8 is installed
|