Oval Definition:	oval:org.opensuse.security:def:56881
Revision Date: 2020-12-01 Version: 1 Title: Security update for sssd (Moderate) Description: This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users (bsc#1098377) These non-security issues were fixed: - Fix a segmentation fault in sss_cache command. (bsc#1072728) - Fix a failure in autofs initialisation sequence upon system boot. (bsc#1010700) - Fix race condition on boot between SSSD and autofs. (bsc#1010700) - Fix a bug where file descriptors were not closed (bsc#1080156) - Fix an issue where sssd logs were not rotated properly (bsc#1080156) - Remove whitespaces from netgroup entries (bsc#1087320) - Remove misleading log messages (bsc#1101877) - exit() the forked process if exec()-ing a child process fails (bsc#1110299) - Do not schedule the machine renewal task if adcli is not executable (bsc#1110299) Family: unix Class: patch Status: Reference(s): 1001367 1003800 1004477 1005555 1005558 1005562 1005564 1005566 1005569 1005581 1005582 1006539 1008318 1010700 1015187 1015422 1027575 1032248 1038564 1042892 1046191 1047002 1050751 1063671 1064392 1066471 1066472 1072728 1080156 1080919 1087320 1094301 1098377 1101776 1101777 1101786 1101788 1101791 1101794 1101800 1101802 1101804 1101810 1101877 1105437 1105459 1105460 1106514 1110299 1121563 1125352 1126056 1127557 1128657 1130230 1130721 1132348 1132400 1132721 1169659 1170313 1170423 854512 906574 924960 932386 933288 933878 936227 942865 955942 957566 957567 957598 957600 960837 963963 965283 971741 972127 978395 981040 981041 981108 981109 981111 981112 981114 981115 981548 981549 981550 990890 CVE-2013-2139 CVE-2014-3065 CVE-2014-3566 CVE-2014-4288 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6466 CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6515 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 CVE-2014-8891 CVE-2014-8892 CVE-2014-8964 CVE-2015-0138 CVE-2015-0192 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-1914 CVE-2015-1931 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2619 CVE-2015-2621 CVE-2015-2625 CVE-2015-2632 CVE-2015-2637 CVE-2015-2638 CVE-2015-2664 CVE-2015-2808 CVE-2015-3210 CVE-2015-3217 CVE-2015-4000 CVE-2015-4729 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-5041 CVE-2015-5073 CVE-2015-7575 CVE-2015-7981 CVE-2015-8126 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8472 CVE-2015-8540 CVE-2015-8806 CVE-2016-0264 CVE-2016-0363 CVE-2016-0376 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 CVE-2016-0686 CVE-2016-0687 CVE-2016-1283 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3191 CVE-2016-3422 CVE-2016-3426 CVE-2016-3427 CVE-2016-3443 CVE-2016-3449 CVE-2016-3485 CVE-2016-3492 CVE-2016-3511 CVE-2016-3598 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6663 CVE-2016-7440 CVE-2016-8283 CVE-2016-9893 CVE-2016-9895 CVE-2016-9897 CVE-2016-9898 CVE-2016-9899 CVE-2016-9900 CVE-2016-9901 CVE-2016-9902 CVE-2016-9904 CVE-2016-9905 CVE-2016-9933 CVE-2017-10790 CVE-2017-13080 CVE-2017-15649 CVE-2017-2636 CVE-2017-2669 CVE-2017-7533 CVE-2017-7645 CVE-2017-8890 CVE-2017-9242 CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 CVE-2018-10852 CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 CVE-2018-14339 CVE-2018-14340 CVE-2018-14341 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369 CVE-2018-14370 CVE-2018-16056 CVE-2018-16057 CVE-2018-16058 CVE-2018-6954 CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12524 CVE-2019-1787 CVE-2019-1788 CVE-2019-1789 CVE-2019-3842 CVE-2019-6454 CVE-2020-11945 SUSE-SU-2016:1538-1 SUSE-SU-2016:2933-1 SUSE-SU-2016:3161-1 SUSE-SU-2016:3211-1 SUSE-SU-2016:3222-1 SUSE-SU-2017:1250-1 SUSE-SU-2017:2072-1 SUSE-SU-2017:3130-1 SUSE-SU-2018:2825-1 SUSE-SU-2018:2891-1 SUSE-SU-2019:0081-1 SUSE-SU-2019:0897-1 SUSE-SU-2019:1265-1 SUSE-SU-2020:1227-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information ibus-chewing-1.4.14-lp150.1 is installed OR ibus-pinyin-1.5.0-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.7 is installed OR kernel-debug-base-4.12.14-lp151.28.7 is installed OR kernel-debug-devel-4.12.14-lp151.28.7 is installed OR kernel-default-4.12.14-lp151.28.7 is installed OR kernel-default-base-4.12.14-lp151.28.7 is installed OR kernel-default-devel-4.12.14-lp151.28.7 is installed OR kernel-devel-4.12.14-lp151.28.7 is installed OR kernel-docs-4.12.14-lp151.28.7 is installed OR kernel-docs-html-4.12.14-lp151.28.7 is installed OR kernel-kvmsmall-4.12.14-lp151.28.7 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.7 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.7 is installed OR kernel-macros-4.12.14-lp151.28.7 is installed OR kernel-obs-build-4.12.14-lp151.28.7 is installed OR kernel-obs-qa-4.12.14-lp151.28.7 is installed OR kernel-source-4.12.14-lp151.28.7 is installed OR kernel-source-vanilla-4.12.14-lp151.28.7 is installed OR kernel-syms-4.12.14-lp151.28.7 is installed OR kernel-vanilla-4.12.14-lp151.28.7 is installed OR kernel-vanilla-base-4.12.14-lp151.28.7 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libipa_hbac0-1.13.4-34.23 is installed OR libsss_idmap0-1.13.4-34.23 is installed OR libsss_nss_idmap0-1.13.4-34.23 is installed OR libsss_sudo-1.13.4-34.23 is installed OR python-sssd-config-1.13.4-34.23 is installed OR sssd-1.13.4-34.23 is installed OR sssd-32bit-1.13.4-34.23 is installed OR sssd-ad-1.13.4-34.23 is installed OR sssd-ipa-1.13.4-34.23 is installed OR sssd-krb5-1.13.4-34.23 is installed OR sssd-krb5-common-1.13.4-34.23 is installed OR sssd-ldap-1.13.4-34.23 is installed OR sssd-proxy-1.13.4-34.23 is installed OR sssd-tools-1.13.4-34.23 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libsystemd0-228-150.66 is installed OR libsystemd0-32bit-228-150.66 is installed OR libudev1-228-150.66 is installed OR libudev1-32bit-228-150.66 is installed OR systemd-228-150.66 is installed OR systemd-32bit-228-150.66 is installed OR systemd-bash-completion-228-150.66 is installed OR systemd-sysvinit-228-150.66 is installed OR udev-228-150.66 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libpcre1-8.39-7 is installed OR libpcre1-32bit-8.39-7 is installed OR libpcre16-0-8.39-7 is installed OR pcre-8.39-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_21-default-8-2 is installed OR kgraft-patch-3_12_67-60_64_21-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_10-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.50-28 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr3.50-28 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr3.50-28 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr3.50-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_101-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_27-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.42 is installed OR libvirt-client-2.0.0-27.42 is installed OR libvirt-daemon-2.0.0-27.42 is installed OR libvirt-daemon-config-network-2.0.0-27.42 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-interface-2.0.0-27.42 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.42 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.42 is installed OR libvirt-daemon-driver-network-2.0.0-27.42 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.42 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.42 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.42 is installed OR libvirt-daemon-driver-secret-2.0.0-27.42 is installed OR libvirt-daemon-driver-storage-2.0.0-27.42 is installed OR libvirt-daemon-hooks-2.0.0-27.42 is installed OR libvirt-daemon-lxc-2.0.0-27.42 is installed OR libvirt-daemon-qemu-2.0.0-27.42 is installed OR libvirt-daemon-xen-2.0.0-27.42 is installed OR libvirt-doc-2.0.0-27.42 is installed OR libvirt-lock-sanlock-2.0.0-27.42 is installed OR libvirt-nss-2.0.0-27.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libfreebl3-3.53.1-58.48 is installed OR libfreebl3-32bit-3.53.1-58.48 is installed OR libfreebl3-hmac-3.53.1-58.48 is installed OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed OR libsoftokn3-3.53.1-58.48 is installed OR libsoftokn3-32bit-3.53.1-58.48 is installed OR libsoftokn3-hmac-3.53.1-58.48 is installed OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed OR mozilla-nspr-4.25-19.15 is installed OR mozilla-nspr-32bit-4.25-19.15 is installed OR mozilla-nss-3.53.1-58.48 is installed OR mozilla-nss-32bit-3.53.1-58.48 is installed OR mozilla-nss-certs-3.53.1-58.48 is installed OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed OR mozilla-nss-tools-3.53.1-58.48 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND clamav-0.100.3-33.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ppp-2.4.7-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information ntp-4.2.8p12-64.8 is installed OR ntp-doc-4.2.8p12-64.8 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.1-11.30 is installed
BACK