File _patchinfo of Package patchinfo.18385
<patchinfo incident="18385">
<issue tracker="bnc" id="1184289">sssctl cache-remove fails with dependency on missing command without sssd-tools installed</issue>
<issue tracker="bnc" id="1182637">L3: sssd cache is not updated for user/group ref:_00D1igLOd._5001iUkSr4:ref</issue>
<issue tracker="bnc" id="1182058">zypper dup: fails to update sssd, sssd_ldap libldap-2 in correct order ref:_00D1igLOd._5001iYK3Rr:ref</issue>
<issue tracker="bnc" id="1187120">L3: sssd backport request for sles12 and sles15</issue>
<issue tracker="bnc" id="1189492">VUL-0: CVE-2021-3621: sssd: shell command injection in sssctl</issue>
<issue tracker="bnc" id="1190021">sssd segfault on top of SUMA4.1 (15sp2) after updating libcares2</issue>
<issue tracker="jsc" id="ECO-3493"/>
<issue tracker="cve" id="2021-3621"/>
<packager>scabrero</packager>
<rating>moderate</rating>
<category>recommended</category>
<summary>Recommended update for sssd</summary>
<description>This update for sssd fixes the following issues:
- Fix a dependency loop by moving internal libraries to sssd-common package. (bsc#1182058)
- Moved sssctl command from sssd to sssd-tools package. (bsc#1184289)
- Create timestamp attribute in cache objects if missing. (bsc#1182637)
- Fix watchdog not terminating tasks. (bsc#1187120)
- Improve logs to record the reason why internal watchdog terminates.
- Fixed security issue with sssd: shell command injection in sssctl. (CVE-2021-3621, bsc#1189492)
- Fixes a segfault with newer libcares2 versions when the library fails to parse a dns name. (bsc#1190021)
</description>
</patchinfo>