sssd-1.16.4-21.el7
エラータID: AXSA:2019-4334:02
リリース日:
2019/09/26 Thursday - 19:23
題名:
sssd-1.16.4-21.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- sssdには、GPO がサーバー側の強すぎる権限設定により SSSD によって
読み込み可能でないとき、SSSD はアクセスを拒否する代わりにすべての認証された
ユーザーにログインを許可する脆弱性があります。(CVE-2018-16838)
- sssdには、ユーザーがホームディレクトリをセットしない設定になっていると き、
sssd が '/'(ルート) を 空白の代わりに返すため、サービスがユーザーのファイル
システムをchroot() などによって制限するとき、問題になる脆弱性があります。
(CVE-2019-3811)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2018-16838
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
CVE-2019-3811
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
追加情報:
N/A
ダウンロード:
SRPMS
- sssd-1.16.4-21.el7.src.rpm
MD5: b7d4e902e9bde8309036c214f770bee6
SHA-256: 5086ff1a683fdf43167c3029135be94ccbc4b8d30f76a591f493226655b1a842
Size: 6.30 MB
Asianux Server 7 for x86_64
- libipa_hbac-1.16.4-21.el7.x86_64.rpm
MD5: 73f82ec88f714938ba8573619c277de2
SHA-256: ee640695eb40de9341279a96375a6524d98ea68590c295cdbdcd0ff9e7441081
Size: 145.96 kB - libsss_autofs-1.16.4-21.el7.x86_64.rpm
MD5: 1a1b41f14f8617b822cf7f5975a482ac
SHA-256: c66c9d80c2984902d44098879b40454c467a39a2a077d3b26bf2fd3f0d156a77
Size: 147.89 kB - libsss_certmap-1.16.4-21.el7.x86_64.rpm
MD5: 0d1ee59474506a495ac39a36b83cd9c4
SHA-256: d1782246832d4d97f1d33765c3144d3824b42892740e13950a6f1b71612ce915
Size: 174.25 kB - libsss_idmap-1.16.4-21.el7.x86_64.rpm
MD5: f3530449b89ceb9860f91daeab146a79
SHA-256: f9b8c4e9168b5075bcaf58b5d9e5f46fded309d2bc455f357ab1b3f6c2fc38af
Size: 150.67 kB - libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm
MD5: 2f0558539ef055a9c09de4f52796063b
SHA-256: 25f17d53ede1a9c2a7d5d43b0eac9fb527b6d7ab25e35774cde81e331c19e593
Size: 156.98 kB - libsss_simpleifp-1.16.4-21.el7.x86_64.rpm
MD5: 6447afc67ccb44509fc83404a5081da7
SHA-256: 1caf6e87d1b5ff2f1b355149db910f5480cb31fffa7cfd259c7f8c15ed4734a3
Size: 136.80 kB - libsss_sudo-1.16.4-21.el7.x86_64.rpm
MD5: 8fe6300f63ce21b25a48574dcf61f1ce
SHA-256: fb1cd290375b6d92e6f7af9abe3d56fd77bb7bc4089a9f4c6a1a42f68788de65
Size: 146.31 kB - python-libipa_hbac-1.16.4-21.el7.x86_64.rpm
MD5: eba203c27df43fde4413a4bd59792b34
SHA-256: 87477f5f1a198797d9060d0df576d455cfdab12d9bff241ee5c5e640bebef820
Size: 138.97 kB - python-libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm
MD5: cef1ba14f8c6ed7ed793050aba50dcde
SHA-256: cb68b82a85fe09404309fb195a4523fa2973ef4a475415c4549223f6d35b5f1c
Size: 132.00 kB - python-sss-1.16.4-21.el7.x86_64.rpm
MD5: c5f1acae267a996dd5c05e40d179cbd1
SHA-256: cb92f133c2bb9367180e558daa77f380fa0b8f68dd6693bc2aae21b5962ce6f2
Size: 151.91 kB - python-sssdconfig-1.16.4-21.el7.noarch.rpm
MD5: b9e9886ec15430bc4fb206ec0c77f1a1
SHA-256: 11e24a5f391cec34836d93879890a602e08feb3c884d9641c38e6abf81db1b13
Size: 164.19 kB - python-sss-murmur-1.16.4-21.el7.x86_64.rpm
MD5: 56a8ad2589584a47d3e2d29678a3b20a
SHA-256: 7beddd55e3baed475f402ed81046ad2d0f52b3ff4cfc0212143555ac15d7fef0
Size: 128.86 kB - sssd-1.16.4-21.el7.x86_64.rpm
MD5: 0dc8274f2cb843ccf776c1eeb876ac16
SHA-256: 3c4263d63d63c2f58e04670e6a1b81c33dc8bb9f295ba268ba37d476e3e65e3d
Size: 137.79 kB - sssd-ad-1.16.4-21.el7.x86_64.rpm
MD5: e6a5d84ee461d6a39e8be246c0b50e65
SHA-256: 91c3719914b9c3218ec32d298e077d5137dab7c16b8fd3d0dbe8f485f34d5e4f
Size: 269.08 kB - sssd-client-1.16.4-21.el7.x86_64.rpm
MD5: 30eb4e2efdb9990fd3c276de4a740cd7
SHA-256: 8829489f13ba2816fabde173e768f1cd57bdd8dbcd4a38185254baa2bf9dde9b
Size: 206.52 kB - sssd-common-1.16.4-21.el7.x86_64.rpm
MD5: beafe21ecb3a5da7a9c7c24b25116246
SHA-256: b4eaf9b82f27798172ddd5ac23643d8b2a724661dc683b403dafc10fd853ff93
Size: 1.44 MB - sssd-common-pac-1.16.4-21.el7.x86_64.rpm
MD5: dd84f58ce0a7b3ada07fcc9004a2c5b0
SHA-256: 7b4b114c7ce2fc7345151e6d7e1c59489a32db8b8ba1c2976f08e55e4a90ba1a
Size: 209.50 kB - sssd-dbus-1.16.4-21.el7.x86_64.rpm
MD5: 6551bd1262ee5bdf833e6230390594d5
SHA-256: 3e2b46701a5915611dd8e370dddb811e535723285f30c0e0b2b7fae1a35f5c31
Size: 246.14 kB - sssd-ipa-1.16.4-21.el7.x86_64.rpm
MD5: 7f889b3e0d7fc9e93d13c9618b432227
SHA-256: c483e8b8f63445b071b8fb863bdbd9abf80e06d19e2dcb4c55e85a788e60821d
Size: 359.20 kB - sssd-kcm-1.16.4-21.el7.x86_64.rpm
MD5: ab367c237aec3ae4719408deb3765303
SHA-256: 5dabd1ddb3cab96e6f5c1999c0c13dc4b2dc17402b7da5b593a88e9ee2f821ba
Size: 254.44 kB - sssd-krb5-1.16.4-21.el7.x86_64.rpm
MD5: b731f6446a9db2671445ecdeee363be8
SHA-256: 806556fa6547f5a31b106b23efe419185efd5d9b8163fc871e955500a36ffd91
Size: 179.57 kB - sssd-krb5-common-1.16.4-21.el7.x86_64.rpm
MD5: 6a050ec554271cd88e857c75aab0a492
SHA-256: 4f134d74f33aa61f43722a5039bdabf1af1693b6f8f6cc74d9c178289f63361c
Size: 212.89 kB - sssd-ldap-1.16.4-21.el7.x86_64.rpm
MD5: c7f0bf382ea2e4c97d1914f2abd1a513
SHA-256: 16f017c477d82871175f4bbaf0f56c2a9d56a42d6fba95c4b95c6f5b0f85a76b
Size: 231.93 kB - sssd-libwbclient-1.16.4-21.el7.x86_64.rpm
MD5: 38877caeb18c73e130fb478e6123814e
SHA-256: 80f35db06d57624d407031aedb2cc9167105463f1da42e7476294d37798e83e3
Size: 139.74 kB - sssd-polkit-rules-1.16.4-21.el7.x86_64.rpm
MD5: 14eb45469326b96136da554bcdea1010
SHA-256: 78d8f181fce3b0456d516f1da16c6a1a2faf588504c871a75e968206a2d88801
Size: 125.79 kB - sssd-proxy-1.16.4-21.el7.x86_64.rpm
MD5: 862cdc1b92ecb4c76337f6912c69bb5e
SHA-256: 7ee3db30cbcfd2da06c12f9df230b90640fc43035244a248b9dcb194d4871613
Size: 173.05 kB - sssd-tools-1.16.4-21.el7.x86_64.rpm
MD5: 50150dd02bd8f7f2263112a0d89daadb
SHA-256: 1ceca64991e2e6fd90fb30ac483feae6abafd03337a6ceddb18e10831ad9e7aa
Size: 408.63 kB - sssd-winbind-idmap-1.16.4-21.el7.x86_64.rpm
MD5: 533f2279a23d35d2bdc6fd61b84cff4b
SHA-256: c317995e6696dd961d6ccacee7ecb1215ff0e52e1b539705154710d257004064
Size: 132.82 kB - libipa_hbac-1.16.4-21.el7.i686.rpm
MD5: bf08ac469e4e8233607b5cc7cac119bc
SHA-256: 84f33d51ed876cf3e998ac96f3ea17fcdf0381f163fb27f36c3dcaef2aca60f8
Size: 145.84 kB - libsss_certmap-1.16.4-21.el7.i686.rpm
MD5: 7186c824da451a169dd841293a3f3549
SHA-256: 2fa81df3a1025c7b5469f7b56cad3dcf717ae03ab1511ac08d7394a25898bbf3
Size: 173.67 kB - libsss_idmap-1.16.4-21.el7.i686.rpm
MD5: 3298e273f476fa7ebc269a711b201795
SHA-256: 4449fdd00325fc2c64722c89e244d7c543b8f19938da46ab1a5984eca54144a8
Size: 151.21 kB - libsss_nss_idmap-1.16.4-21.el7.i686.rpm
MD5: 756e8f5f511560c40e8c3b42ab2ba301
SHA-256: 850d6dd6c8fec450b186660019a45fb13ada5143b8235b76ac54a526d191ff32
Size: 157.21 kB - libsss_simpleifp-1.16.4-21.el7.i686.rpm
MD5: c1826866fb0c78807d2aa6448712210d
SHA-256: 74fd2fce9bfdd68c6e15263c922ff31871d9f719b4f95237674d26e4c742351c
Size: 136.90 kB - sssd-client-1.16.4-21.el7.i686.rpm
MD5: 560f79dcd0795c71d338c7b763bac1ea
SHA-256: 27e98ea5bfd8e6f80857de215e7019032008ac962ba1ec9d324ab20cf0b69b71
Size: 206.49 kB
English