sssd-1.13.3-60.AXS4, ding-libs-0.4.0-13.AXS4

エラータID: AXSA:2018-3221:01

Release date: 
Wednesday, June 27, 2018 - 14:55
Subject: 
sssd-1.13.3-60.AXS4, ding-libs-0.4.0-13.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
Moderate
Description: 

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

The ding-libs packages contain a set of libraries used by the System Security Services Daemon (SSSD) as well as other projects, and provide functions to manipulate file system path names (libpath_utils), a hash table to manage storage and access time properties (libdhash), a data type to collect data in a hierarchical structure (libcollection), a dynamically growing, reference-counted array (libref_array), and a library to process configuration files in initialization format (INI) into a library collection data structure (libini_config).

Security Fix(es):

* sssd: unsanitized input when searching in local cache database (CVE-2017-12173)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by Sumit Bose (Asianux).

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 4.10 Release Notes and Asianux Server 4.10 Technical Notes linked from the References section.

CVE-2017-12173
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

CVEs: 
CVE-2017-12173
It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
Additional Info: 

N/A

Download: 

SRPMS
  1. ding-libs-0.4.0-13.AXS4.src.rpm
    MD5: d311df11ab8fc9246212a1d90b438531
    SHA-256: 11dd9fc8255b030a664c6f78be4f61aa36e280fe07659eab406a04a87b24cdad
    Size: 818.38 kB
  2. sssd-1.13.3-60.AXS4.src.rpm
    MD5: f92ab9be1b2955cad91e697d8435008d
    SHA-256: e819e541adbea07e9a960c09560d22c7463afdb8027fe574b68571f4e83c5c44
    Size: 4.81 MB

Asianux Server 4 for x86
  1. libbasicobjects-0.1.1-13.AXS4.i686.rpm
    MD5: b63ebf86ac9c6e38766ccba6601f1188
    SHA-256: 7eb94ba06b574ff2b697547bc90995aec23291d0425953119e675a09a3431eb9
    Size: 21.21 kB
  2. libcollection-0.6.2-13.AXS4.i686.rpm
    MD5: be8c5c666e7bfe089229e492cbc6bdc2
    SHA-256: b1cceaf52b799336cc523a8ab24a0efa14dae30d45ac3e9d82bf22f08333d927
    Size: 36.29 kB
  3. libdhash-0.4.3-13.AXS4.i686.rpm
    MD5: 35dbbc88fff75f81701dd24125f64fc1
    SHA-256: bab1de971ab9106b10f275cc6ee32cb0dc5fa40b7f3cd69bc8fa11c3cb7cd338
    Size: 23.77 kB
  4. libini_config-1.1.0-13.AXS4.i686.rpm
    MD5: cf9a22338e8dada2eadc9b1808f355e9
    SHA-256: 4954dda64344e6f59ebfe1c18a052c66d74f20534c8211925bcf0b039cc3da2c
    Size: 46.57 kB
  5. libpath_utils-0.2.1-13.AXS4.i686.rpm
    MD5: 021a4aaa9440fe9320d40acba5c690cd
    SHA-256: 8f02e8281c55b8103cf218dd84e62853bab43cfd3cf1f3a2d7929edc8915931a
    Size: 24.01 kB
  6. libref_array-0.1.4-13.AXS4.i686.rpm
    MD5: b07322e5754a811e3046db4fc479465a
    SHA-256: 9cdc127fe3536e6d6a6bee1f436cbcb339d3878edb405509b77fdcbfe03fa7cd
    Size: 22.52 kB
  7. libipa_hbac-1.13.3-60.AXS4.i686.rpm
    MD5: 3c8a2122328fdfe2f264e942234be358
    SHA-256: 1a33e205fa4edcd3dab14b2ba7ee0e70773f9c239de9c0a7e65c25bd97529e67
    Size: 118.14 kB
  8. libsss_idmap-1.13.3-60.AXS4.i686.rpm
    MD5: 76403bf8ebd46715e076e1cba6b4059f
    SHA-256: 77a8be5e43155f677778aeab5db68873dec2621a5c225e921c4fb734385b38d0
    Size: 124.29 kB
  9. python-libipa_hbac-1.13.3-60.AXS4.i686.rpm
    MD5: 67459862dbb96e4ab8836d15f7459ced
    SHA-256: 85e8f1bf2788a0029f2d144744eb791f5c9b3e7e79b2a4b2ae43bb2128d464f6
    Size: 112.39 kB
  10. python-sss-1.13.3-60.AXS4.i686.rpm
    MD5: 684510651d9854469581a3c093690025
    SHA-256: c33d2c365b1a9fc310f38034edaf390fc56fb347dfb2c3b90d2f0985c1245653
    Size: 124.57 kB
  11. python-sssdconfig-1.13.3-60.AXS4.noarch.rpm
    MD5: b09656773c3de235396b6aed674442f9
    SHA-256: 582eb54177269e8e08ef91ac2f303b111dec99a392293889b2726ce6456c02d3
    Size: 146.52 kB
  12. python-sss-murmur-1.13.3-60.AXS4.i686.rpm
    MD5: 3e93296a8078870690fb809e1c360909
    SHA-256: fa1919e441d718b5b3d49e42478736c6874b977436f4beaebc420dc7083a3221
    Size: 103.01 kB
  13. sssd-1.13.3-60.AXS4.i686.rpm
    MD5: 9bb0ee454278657d477eb47ad854be6a
    SHA-256: 72e2247be8bada45d0fb61c2a12115f683d0d7b3a75e7e4098eaca93e9a5f793
    Size: 113.34 kB
  14. sssd-ad-1.13.3-60.AXS4.i686.rpm
    MD5: a0169e86c410c056b3e4564f09271371
    SHA-256: e5fa24cc59fc760f66f5eec61549e05713dd5a11529fe4090f7bc83fdf67dd37
    Size: 216.85 kB
  15. sssd-client-1.13.3-60.AXS4.i686.rpm
    MD5: b4c3befa51e4f8b0f134b1d4a5be2c35
    SHA-256: 2683047fadeb1ca25773e1b97e44c7ee57ed15382952605197a69466695411ad
    Size: 169.95 kB
  16. sssd-common-1.13.3-60.AXS4.i686.rpm
    MD5: 1b4fe088c2615b4cd332723ab99b4e28
    SHA-256: b65297c889ec0dd7510fd7526acc008eade3e8e5de9ef19d8c06ce83af5210c7
    Size: 1.07 MB
  17. sssd-common-pac-1.13.3-60.AXS4.i686.rpm
    MD5: f8fdaf1362b4f85004aeb36975c41d94
    SHA-256: fd5dd592bd8c6693bf897719e6fae5e0d85357a6a31d78b1dd90c41d27dee648
    Size: 151.42 kB
  18. sssd-dbus-1.13.3-60.AXS4.i686.rpm
    MD5: c945fac7619b29e618f82d027e4cf791
    SHA-256: 620e1d115c99f631ea433e4c5f081a15c1642dfb31573b57b48dd19cc0c89918
    Size: 165.30 kB
  19. sssd-ipa-1.13.3-60.AXS4.i686.rpm
    MD5: c0efab7b011beded2a0d91effedb708c
    SHA-256: b5907e00580713c511f12a2b3efcd71137c0e0a4ceed9e7033ce84a1fc3b9f99
    Size: 278.66 kB
  20. sssd-krb5-1.13.3-60.AXS4.i686.rpm
    MD5: 83e6f5c34159f3bd7568ee6087696996
    SHA-256: ef82ba38d9503a566748f905f27a60cba428b9ed0402da2b4d69c22a19d3fdf8
    Size: 148.41 kB
  21. sssd-krb5-common-1.13.3-60.AXS4.i686.rpm
    MD5: 17f9dc4d29ff05f72f2e3b722cc427bd
    SHA-256: 89b1ebc481076173bf0c6d8571cd03ad5cb5ce9e69af58c7bb897c5f27ad58a1
    Size: 167.08 kB
  22. sssd-ldap-1.13.3-60.AXS4.i686.rpm
    MD5: 4163eaa31471513805cddaf1ed316452
    SHA-256: 55eaaf78341ada6e0984f37184187501124ff4841fda3d0f288e10cdd5104952
    Size: 214.34 kB
  23. sssd-proxy-1.13.3-60.AXS4.i686.rpm
    MD5: 6e3e540ab1a077773ff251597c368bcf
    SHA-256: 59557f7e7f0e2b6105d2ef72a798abb4727f1c1963d358f1a75d7a3f12b00576
    Size: 141.38 kB

Asianux Server 4 for x86_64
  1. libbasicobjects-0.1.1-13.AXS4.x86_64.rpm
    MD5: c28cdb7ad658ce99bbc5e584ca1028cb
    SHA-256: bc38e9c7ef7e9a838ec6faad9c8455f5eb69f2a4291db154ac2a206032620f68
    Size: 20.71 kB
  2. libcollection-0.6.2-13.AXS4.x86_64.rpm
    MD5: 6c0120dea61a85e9891f3604391bfc72
    SHA-256: 6731fa1f4023283f2a29b0865223eb55891e49cccf9e8a30a76ff2dd96c864dd
    Size: 35.21 kB
  3. libdhash-0.4.3-13.AXS4.x86_64.rpm
    MD5: c35ff29d23feaa772c1dd1c87c3244e4
    SHA-256: ac02b0d7708e72be443a98a748399be1196887665deb911a546958bc469bc9f0
    Size: 23.13 kB
  4. libini_config-1.1.0-13.AXS4.x86_64.rpm
    MD5: 3d2d90bff690b67ce9e3aa8883eb7bfc
    SHA-256: 7829aef78ae6aa0bbb72c5a95749b35bd91ec996ae0101ecb56e9dc98acd5e1a
    Size: 45.46 kB
  5. libpath_utils-0.2.1-13.AXS4.x86_64.rpm
    MD5: d39f20bc1ed2b29491661af50901603b
    SHA-256: 7f2bb98cfdddf4eb84fca38727f35ca11347cbee278f05d4895626ae413483b3
    Size: 23.53 kB
  6. libref_array-0.1.4-13.AXS4.x86_64.rpm
    MD5: 456b0d2f3f5e1a79af9659b3399188b2
    SHA-256: 47feb3b621aedadc4d77c158feb86e1adcb5377a02c27cf7ab3de98bbf51b027
    Size: 22.12 kB
  7. libbasicobjects-0.1.1-13.AXS4.i686.rpm
    MD5: b63ebf86ac9c6e38766ccba6601f1188
    SHA-256: 7eb94ba06b574ff2b697547bc90995aec23291d0425953119e675a09a3431eb9
    Size: 21.21 kB
  8. libcollection-0.6.2-13.AXS4.i686.rpm
    MD5: be8c5c666e7bfe089229e492cbc6bdc2
    SHA-256: b1cceaf52b799336cc523a8ab24a0efa14dae30d45ac3e9d82bf22f08333d927
    Size: 36.29 kB
  9. libdhash-0.4.3-13.AXS4.i686.rpm
    MD5: 35dbbc88fff75f81701dd24125f64fc1
    SHA-256: bab1de971ab9106b10f275cc6ee32cb0dc5fa40b7f3cd69bc8fa11c3cb7cd338
    Size: 23.77 kB
  10. libini_config-1.1.0-13.AXS4.i686.rpm
    MD5: cf9a22338e8dada2eadc9b1808f355e9
    SHA-256: 4954dda64344e6f59ebfe1c18a052c66d74f20534c8211925bcf0b039cc3da2c
    Size: 46.57 kB
  11. libpath_utils-0.2.1-13.AXS4.i686.rpm
    MD5: 021a4aaa9440fe9320d40acba5c690cd
    SHA-256: 8f02e8281c55b8103cf218dd84e62853bab43cfd3cf1f3a2d7929edc8915931a
    Size: 24.01 kB
  12. libref_array-0.1.4-13.AXS4.i686.rpm
    MD5: b07322e5754a811e3046db4fc479465a
    SHA-256: 9cdc127fe3536e6d6a6bee1f436cbcb339d3878edb405509b77fdcbfe03fa7cd
    Size: 22.52 kB
  13. libipa_hbac-1.13.3-60.AXS4.x86_64.rpm
    MD5: 921e142e2ce478118c4ae0d4d0caaccf
    SHA-256: 85603ef90e78c507280b0d66464877af6776579042fa97162ee74537b28a0ea0
    Size: 117.66 kB
  14. libsss_idmap-1.13.3-60.AXS4.x86_64.rpm
    MD5: 5157285d10a30cbdcd6ff8984b791543
    SHA-256: 2d32cc052ac9ccd89482cb450a02591f99feb2ad647dcdf9c425dc9b2d38f5ac
    Size: 123.59 kB
  15. python-libipa_hbac-1.13.3-60.AXS4.x86_64.rpm
    MD5: 58238444fcd1d7690734680d69a371df
    SHA-256: 2d43928b1dfc36fedd5516a8c29852779b1a89ece4f3b238135572e60a1edd43
    Size: 112.41 kB
  16. python-sss-1.13.3-60.AXS4.x86_64.rpm
    MD5: e2aec63274f678c2da621cf541a6f3b1
    SHA-256: e3e89db4524c1b4bb390d40314d3fd961e47a7e8f7622b51f0e25bc1653966b3
    Size: 125.13 kB
  17. python-sssdconfig-1.13.3-60.AXS4.noarch.rpm
    MD5: 789d2360a61a91f8877dab05c891101a
    SHA-256: c196d7d806b7d7a776adb771cc19a0290367a4aee8a68abe8e06a6f5dc6ed7a1
    Size: 146.07 kB
  18. python-sss-murmur-1.13.3-60.AXS4.x86_64.rpm
    MD5: 6bdae59f48714ef017c53cc641f6f423
    SHA-256: 099a506cf7c291216c1454e805a59dadb22e3767851e7bb7c0e8e9d891c263c5
    Size: 102.64 kB
  19. sssd-1.13.3-60.AXS4.x86_64.rpm
    MD5: d749ede79dba0a36a105bd85fdd7f85e
    SHA-256: 521dcd0f7b211c566afc1813cc3e3c4895403d8ae9b23c07e783e47e8a5b73f9
    Size: 112.89 kB
  20. sssd-ad-1.13.3-60.AXS4.x86_64.rpm
    MD5: 9da5dccd01c0ca31a6f402a13cc3d3b1
    SHA-256: f622a079a4a426c9c97c1de0c313b887ab0ff7f01e8a9e7745fcc6b0e2393f04
    Size: 218.45 kB
  21. sssd-client-1.13.3-60.AXS4.x86_64.rpm
    MD5: 97ea504c3f2408bc0d87cf3b96886e44
    SHA-256: a82bfcb58828b3cee6957baca26acdfc52eb586a7b4ea8458485fdfae5a02f29
    Size: 169.68 kB
  22. sssd-common-1.13.3-60.AXS4.x86_64.rpm
    MD5: fb0f2caa56a28dc3351bf323ec2070ca
    SHA-256: 1e774dbd7287b013505e974a2c2f13b3e30b042504ed3654440c93058e98fd61
    Size: 1.08 MB
  23. sssd-common-pac-1.13.3-60.AXS4.x86_64.rpm
    MD5: 9c963819851f107faec7feb4d2f85a57
    SHA-256: bbb90097c6a1857cb457e59b1e0a1666d6a9739af7bf448140e5d6555b7acbb0
    Size: 152.52 kB
  24. sssd-dbus-1.13.3-60.AXS4.x86_64.rpm
    MD5: aaea68008415849867b417673801dc2b
    SHA-256: df6ec8459923851b3efedfe84bc567f4c2eb6a200782d2bda53ca23c641eb6a9
    Size: 166.66 kB
  25. sssd-ipa-1.13.3-60.AXS4.x86_64.rpm
    MD5: 71905a2049b3df8b564a3fb731672405
    SHA-256: bc1918127500033252447c06e6a1f7843cc2a1d05a04d3e2f3be90a342f9a9ed
    Size: 283.79 kB
  26. sssd-krb5-1.13.3-60.AXS4.x86_64.rpm
    MD5: 41aa9b5444e0fc2ea47bfcb88bd924ff
    SHA-256: 5cf2fdd3079c5dbd95b1e6121bb985cea81ff863fe0e67dd952bc736ee0a938a
    Size: 148.25 kB
  27. sssd-krb5-common-1.13.3-60.AXS4.x86_64.rpm
    MD5: 07ad927dc7d458d90684e8d02ca89150
    SHA-256: 44d6cf4c39092cc753b928d989d31b02cc4e62b3423da2cd9ea7c42577528127
    Size: 169.07 kB
  28. sssd-ldap-1.13.3-60.AXS4.x86_64.rpm
    MD5: 140ed8ea8942597341f0b4bd53b5200b
    SHA-256: 7ec4176784bd5fc6456462f1e95a5a4c9e6ccfdfbaef058cae233ee018586075
    Size: 214.37 kB
  29. sssd-proxy-1.13.3-60.AXS4.x86_64.rpm
    MD5: 7df261036ec6f243296c5d3f62893349
    SHA-256: b04356d1c849aa2ced9dc6ece6bc01a0359957692be3aaa009d9df3be7b283cf
    Size: 142.03 kB
  30. libipa_hbac-1.13.3-60.AXS4.i686.rpm
    MD5: 3c8a2122328fdfe2f264e942234be358
    SHA-256: 1a33e205fa4edcd3dab14b2ba7ee0e70773f9c239de9c0a7e65c25bd97529e67
    Size: 118.14 kB
  31. libsss_idmap-1.13.3-60.AXS4.i686.rpm
    MD5: 76403bf8ebd46715e076e1cba6b4059f
    SHA-256: 77a8be5e43155f677778aeab5db68873dec2621a5c225e921c4fb734385b38d0
    Size: 124.29 kB
  32. sssd-client-1.13.3-60.AXS4.i686.rpm
    MD5: b4c3befa51e4f8b0f134b1d4a5be2c35
    SHA-256: 2683047fadeb1ca25773e1b97e44c7ee57ed15382952605197a69466695411ad
    Size: 169.95 kB