
Red Hat Enterprise Linux: RHSA-2021-1846-01 Moderate: IdM Security Fix

Red Hat
May 18, 2021
Stay updated on the latest security patch for Red Hat's idm:DL1 and idm:client modules that improves protection and reduces potential vulnerabilities.
An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
Security Fix(es):
* jquery: Passing HTML containing

References

https://access.redhat.com/security/cve/CVE-2020-11023
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source:
bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.src.rpm
custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm
ipa-4.9.2-3.module+el8.4.0+10412+5ecb5b37.src.rpm
ipa-4.9.2-3.module+el8.4.0+10413+a92f1bfa.src.rpm
ipa-healthcheck-0.7-3.module+el8.4.0+9007+5084bdd8.src.rpm
ipa-healthcheck-0.7-3.module+el8.4.0+9008+94c5103b.src.rpm
opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm
python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm
slapi-nis-0.56.6-1.module+el8.4.0+9005+f55ff3e7.src.rpm
softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.src.rpm

aarch64:
bind-dyndb-ldap-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm
bind-dyndb-ldap-debuginfo-11.6-2.module+el8.4.0+9328+4ec4e316.aarch64.rpm


Advisory ID: RHSA-2021:1846-01
Product: Red Hat Enterprise Linux
Issue date: 2021-05-18

Topic

An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases/Architectures

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

871208 - ipa sudorule-add-user should accept external users

1340463 - [RFE] Implement pam_pwquality featureset in IPA password policies

1357495 - ipa command provides stack trace when provided with single hypen commands

1484088 - [RFE]: Able to browse different links from IPA web gui in new tabs

1542737 - Incorrect certs are being updated with "ipa-certupdate"

1544379 - ipa-client-install changes system wide ssh configuration

1660877 - kinit is failing due to overflow in Root CA certificate's timestamp

1779981 - ipa-cert-fix warning message should use commercial name for the product.

1780328 - ipa-healthcheck - Mention that the default output format is JSON.

1780510 - Source 'ipahealthcheck.ipa.topology' not found is displayed when ipactl service is stopped

1780782 - ipa-cert-fix tool fails when the Dogtag CA SSL CSR is missing from CS.cfg

1784657 - Unlock user accounts after a password reset and replicate that unlock to all IdM servers

1809215 - Man page has incorrect examples; log location for healthcheck tool

1810148 - ipa-server-certinstall raises exception when installing IPA-issued web server cert

1812871 - Intermittent IdM Client Registration Failures

1824193 - Add Directory Server Healthchecks from lib389

1850004 - CVE-2020-11023 jquery: Passing HTML containing

1851835 - [RFE] IdM short-term certificates ACME provider
