Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Oracle Linux 9 ELSA-2024-3754 Critical: ipa Access Control Issues

oracle
Calendar Grey June 11, 2024
Oracle Linux Logo Esm H88
Oracle Linux 9 has updates to address critical security issues, including access control flaws in ipa.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[4.11.0-15.0.1] - Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] - Add bind to ipa-server-common Requires [Orabug: 36518596] [4.11.0-15] - Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force - Resolves: RHEL-31409 CVE-2024-2698 ipa: freeipa: delegation rules allow a proxy service to impersonate any user to access another target service

Topics%20covered

Topics Covered

security advisory security update critical access control important ipa oracle linux

SRPMs


Warning: Undefined array key "references" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3238737_8ef039c68d1d756f705e7dee9ba3d15b on line 11

http://oss.oracle.com/ol9/SRPMS-updates//ipa-4.11.0-15.0.1.el9_4.src.rpm

x86_64

ipa-client-4.11.0-15.0.1.el9_4.x86_64.rpm ipa-client-common-4.11.0-15.0.1.el9_4.noarch.rpm ipa-client-epn-4.11.0-15.0.1.el9_4.x86_64.rpm ipa-client-samba-4.11.0-15.0.1.el9_4.x86_64.rpm ipa-common-4.11.0-15.0.1.el9_4.noarch.rpm ipa-selinux-4.11.0-15.0.1.el9_4.noarch.rpm ipa-server-4.11.0-15.0.1.el9_4.x86_64.rpm ipa-server-common-4.11.0-15.0.1.el9_4.noarch.rpm ipa-server-dns-4.11.0-15.0.1.el9_4.noarch.rpm ipa-server-trust-ad-4.11.0-15.0.1.el9_4.x86_64.rpm python3-ipaclient-4.11.0-15.0.1.el9_4.noarch.rpm python3-ipalib-4.11.0-15.0.1.el9_4.noarch.rpm python3-ipaserver-4.11.0-15.0.1.el9_4.noarch.rpm python3-ipatests-4.11.0-15.0.1.el9_4.noarch.rpm

aarch64

ipa-client-4.11.0-15.0.1.el9_4.aarch64.rpm ipa-client-common-4.11.0-15.0.1.el9_4.noarch.rpm ipa-client-epn-4.11.0-15.0.1.el9_4.aarch64.rpm ipa-client-samba-4.11.0-15.0.1.el9_4.aarch64.rpm ipa-common-4.11.0-15.0.1.el9_4.noarch.rpm ipa-selinux-4.11.0-15.0.1.el9_4.noarch.rpm ipa-server-4.11.0-15.0.1.el9_4.aarch64.rpm ipa-server-common-4.11.0-15.0.1.el9_4.noarch.rpm ipa-server-dns-4.11.0-15.0.1.el9_4.noarch.rpm ipa-server-trust-ad-4.11.0-15.0.1.el9_4.aarch64.rpm python3-ipaclient-4.11.0-15.0.1.el9_4.noarch.rpm python3-ipalib-4.11.0-15.0.1.el9_4.noarch.rpm python3-ipaserver-4.11.0-15.0.1.el9_4.noarch.rpm python3-ipatests-4.11.0-15.0.1.el9_4.noarch.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2024-2698 CVE-2024-3183

Topics%20covered

Topics Covered

security advisory security update critical access control important ipa oracle linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here