
Oracle Linux 7 ELSA-2023-0412: Critical SSSD Security Update

oracle
January 24, 2023
This Oracle Linux 7 SSSD update reverts an LDAP change that caused a regression in AD environments and fixes CVE-2022-4254, in which libsss_certmap fails to sanitise certificate data used in LDAP filters. Update to the latest RPM packages immediately.
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[1.16.5-10.0.3]
- Revert Redhat's change of disallowing duplicated incomplete gid when "id_provider=ldap" is used, which caused regression in AD environment. [Orabug: 29286774] [Doc ID 2605732.1]

[1.16.5-10.15]
- Resolves: rhbz#2149703 - smartcards: special characters must be escaped when building search filter [rhel-7.9.z]
- Resolves: rhbz#2149902 - EMBARGOED CVE-2022-4254 sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters [rhel-7.9.z]

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates//sssd-1.16.5-10.0.3.el7_9.15.src.rpm

x86_64

libipa_hbac-1.16.5-10.0.3.el7_9.15.i686.rpm
libipa_hbac-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libipa_hbac-devel-1.16.5-10.0.3.el7_9.15.i686.rpm
libipa_hbac-devel-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_autofs-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_certmap-1.16.5-10.0.3.el7_9.15.i686.rpm
libsss_certmap-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_certmap-devel-1.16.5-10.0.3.el7_9.15.i686.rpm
libsss_certmap-devel-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_idmap-1.16.5-10.0.3.el7_9.15.i686.rpm
libsss_idmap-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_idmap-devel-1.16.5-10.0.3.el7_9.15.i686.rpm
libsss_idmap-devel-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_nss_idmap-1.16.5-10.0.3.el7_9.15.i686.rpm
libsss_nss_idmap-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_nss_idmap-devel-1.16.5-10.0.3.el7_9.15.i686.rpm
libsss_nss_idmap-devel-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_simpleifp-1.16.5-10.0.3.el7_9.15.i686.rpm
libsss_simpleifp-1.16.5-10.0.3.el7_9.15.x86_64.rpm
libsss_simpleifp-devel-1.16.5-10.0.3.el7_9.15...


aarch64

Severity: Critical

Related CVEs: CVE-2022-4254
