Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

Fedora 25 sssd Important Input Handling Flaw Fix CVE-2017-12173

fedora
Calendar Grey October 27, 2017
Dist Fedora Esm H88
Important sssd security patch for Fedora 25 resolves improper input handling flaw. Update immediately to maintain system security.
Security fix for [CVE-2017-12173]

Summary

Provides a set of daemons to manage access to remote directories and

authentication mechanisms. It provides an NSS and PAM interface toward

the system and a plug-gable back-end system to connect to multiple different

account sources. It is also the basis to provide client auditing and policy

services for projects like FreeIPA.

The sssd sub-package is a meta-package that contains the daemon as well as all

the existing back ends.

Security fix for [CVE-2017-12173]

[ 1 ] Bug #1498173 - CVE-2017-12173 sssd: unsanitized input when searching in local cache database

https://bugzilla.redhat.com/show_bug.cgi?id=1498173

su -c 'dnf upgrade sssd' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 25
Version: 1.15.3
Release: 5.fc25
Summary: System Security Services Daemon

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.