ipa-4.6.8-5.16.0.1.el7.AXS7

Errata ID: AXSA:2024-7410:02

Release date: Wednesday, January 17, 2024 - 08:52
Subject: ipa-4.6.8-5.16.0.1.el7.AXS7
Affected Channels: Asianux Server 7 for x86_64
Severity: Moderate
Description: 

Asianux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

* ipa: Invalid CSRF protection (CVE-2023-5455)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-5455
A cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing, it was found that FreeIPA does not ensure CSRF protection for certain HTTP endpoints. Due to implementation details, this flaw cannot be used to reflect a cookie representing an already logged-in user. An attacker would always have to go through a new authentication attempt.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. ipa-4.6.8-5.16.0.1.el7.AXS7.src.rpm
    MD5: 5139c5f03f17853f8909edc3ce94ce71
    SHA-256: f3b3c35a9b4c8e719efd0aa6ead3f719b979c1d295ba52ab16d27cc97a82df16
    Size: 11.04 MB

Asianux Server 7 for x86_64
  1. ipa-client-4.6.8-5.16.0.1.el7.AXS7.x86_64.rpm
    MD5: 17f918a1e0bf7ac77547a1918a1714ba
    SHA-256: 9372cfb05b9c75d7a2bcb94431cde6e83bd3219a0d6858cca153298307f8404b
    Size: 291.14 kB
  2. ipa-client-common-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: f44a9e9d398fb8b15cb61ca5ed952aec
    SHA-256: c66a4c4a63d8523603f2b2ea045ad0acced3f462bddcbfc8cb11d4b5b65e3e44
    Size: 196.66 kB
  3. ipa-common-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: 315a86f056f6cb4d673a2ddb82138181
    SHA-256: 39df130bb714e0828e88aac07ab27ae4fada8abca8bf609c50803faffbb0e366
    Size: 622.86 kB
  4. ipa-python-compat-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: 492005d8aeff26dbfeb837a328165905
    SHA-256: 90e97d0460a4ca28e7ca4506a144419ddeedafe845cbcb10de5d9a176af04574
    Size: 190.52 kB
  5. ipa-server-4.6.8-5.16.0.1.el7.AXS7.x86_64.rpm
    MD5: 78da6fea1a5f2849477171a386bb01d6
    SHA-256: 07175901b228445aff1c74cfbbd3b5570c3555a37533395bee64c40fd4441f38
    Size: 534.19 kB
  6. ipa-server-common-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: 10fd88a237ffe9924eb15d17f12d610c
    SHA-256: 4026f1e038e346a89551a62fe5e62a0e07f0ef48dd21706fa2407202987a8afd
    Size: 707.76 kB
  7. ipa-server-dns-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: a268c3621d8267f8e0f5581f58e316f8
    SHA-256: b2e62d8d0ea4c7b1c14c6d7474deaaa8cbb85df2b6210eaa317b6e080480acfb
    Size: 194.42 kB
  8. ipa-server-trust-ad-4.6.8-5.16.0.1.el7.AXS7.x86_64.rpm
    MD5: cd22ee3ad3b805705b85859d18bfc832
    SHA-256: 87520e5aa0f5d73f17fcfb9094059354c281cd04dfc15e4cf977002c73642ace
    Size: 284.67 kB
  9. python2-ipaclient-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: ab7d6fb2daecc4ed913aee06087a315b
    SHA-256: f5c9b31648ddc936f6c86f054fdd3777fe57d7108c702c575db36cf280849fe7
    Size: 706.06 kB
  10. python2-ipalib-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: bb74aef2839349eb548750ba7a0e9397
    SHA-256: 975424d1bd185dc471a4c374e92d5131d16e11c1630d169410888013012aa454
    Size: 688.05 kB
  11. python2-ipaserver-4.6.8-5.16.0.1.el7.AXS7.noarch.rpm
    MD5: 53d8f7b8f392df4772b395f03514cf5f
    SHA-256: aefe9ccce7c6a390ca8b23d7a226e966f3482c19b097a25f3c30fd0018be6f53
    Size: 1.54 MB