SUSE-SU-2019:0552-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0552-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2019:0552-1

Related

CVE-2019-3811

Published

2019-03-06T08:47:58Z

Modified

2019-03-06T08:47:58Z

Summary

Security update for sssd

Details

This update for sssd fixes the following issues:

Security vulnerability fixed:

CVE-2019-3811: Fix fallback_homedir returning '/' for empty home directories (bsc#1121759)

Other bug fixes and changes:

Skip sdapsavegrpmem() if ignoregroupmembers is set. (bsc#1082568)
Only search for primary group if it is not already cached (bsc#1082568)
Install /var/lib/sss/mc directory to correct sssd cache invalidation behaviour. Spec patch authored by Josef Cejka. (bsc#1039567) to fix a segfault in sudo provider (bsc#977224).
Fix a segfault in sss_cache (bsc#976038).

References

Affected packages

SUSE:Linux Enterprise Server 12-LTSS / sssd

Package

Name: sssd
Purl: purl:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.5.1-10.16.1

Ecosystem specific

{
    "binaries": [
        {
            "sssd-krb5": "1.11.5.1-10.16.1",
            "sssd-ldap": "1.11.5.1-10.16.1",
            "libsss_sudo": "1.11.5.1-10.16.1",
            "sssd-ad": "1.11.5.1-10.16.1",
            "python-sssd-config": "1.11.5.1-10.16.1",
            "sssd": "1.11.5.1-10.16.1",
            "libsss_idmap0": "1.11.5.1-10.16.1",
            "sssd-ipa": "1.11.5.1-10.16.1",
            "sssd-32bit": "1.11.5.1-10.16.1",
            "sssd-proxy": "1.11.5.1-10.16.1",
            "sssd-krb5-common": "1.11.5.1-10.16.1",
            "sssd-tools": "1.11.5.1-10.16.1",
            "libipa_hbac0": "1.11.5.1-10.16.1"
        }
    ]
}