Overview

File _patchinfo of Package patchinfo.19130

<patchinfo incident="19130">
  <issue tracker="bnc" id="1190775">sssd: not all groups visible for a user</issue>
  <issue tracker="bnc" id="1189492">VUL-0: CVE-2021-3621: sssd: shell command injection in sssctl</issue>
  <issue tracker="bnc" id="1182637">sssd cache is not updated for user/group ref:_00D1igLOd._5001iUkSr4:ref</issue>
  <issue tracker="cve" id="2021-3621"/>
  <packager>scabrero</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for sssd</summary>
  <description>This update for sssd fixes the following issues:

Security issues fixed:

- CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands (bsc#1189492).

Non-security issues fixed:

- Create timestamp attribute in cache objects if missing. (bsc#1182637)
- Add 'ldap_ignore_unreadable_references' parameter to skip unreadable objects referenced by 'member' attributte (bsc#1190775).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places