Overview

File _patchinfo of Package patchinfo.7457

<patchinfo incident="7457">
  <issue id="1039567" tracker="bnc">sss_cache -U does not properly clear deleted users</issue>
  <issue id="1061832" tracker="bnc">VUL-0: sssd: CVE-2017-12173 sssd: unsanitized input when searching in local cache database</issue>
  <issue id="1055123" tracker="bnc">L3: SLES12 SP2: SSSD crashes, needs to be restarted. Will work for awhile but eventually crash again.</issue>
  <issue id="2017-12173" tracker="cve"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>guohouzuo</packager>
  <description>This update for sssd provides the following fixes:

Security issues fixed:

- CVE-2017-12173: Fixed unsanitized input when searching in local cache database (bsc#1061832).

Non security issues fixed:

- Fixed a segfault issue in ldap_rfc_2307_fallback_to_local_users. (bsc#1055123)
- Install /var/lib/sss/mc directory to correct sssd cache invalidation behaviour. (bsc#1039567)

This update was imported from the SUSE:SLE-12-SP2:Update update project.</description>
  <summary>Security update for sssd</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places