SCIENTIFIC-LINUX-ERRATA Archives

March 2013

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

Subject:
From: Pat Riehecky <[log in to unmask]>
Reply To: Pat Riehecky <[log in to unmask]>
Date: Mon, 4 Mar 2013 13:09:44 -0600
Synopsis:          Low: sssd security, bug fix and enhancement update
Issue Date:        2013-02-21
CVE Numbers:       CVE-2013-0219
                    CVE-2013-0220
--

A race condition was found in the way SSSD copied and removed user home
directories. A local attacker who is able to write into the home directory
of a different user who is being removed could use this flaw to perform
symbolic link attacks, possibly allowing them to modify and delete arbitrary
files with the privileges of the root user. (CVE-2013-0219)

Multiple out-of-bounds memory read flaws were found in the way the autofs
and SSH service responders parsed certain SSSD packets. An attacker could
send a specially-crafted packet that, when processed by the autofs or SSH
service responders, would cause SSSD to crash. This issue only caused a
temporary denial of service, as SSSD was automatically restarted by the
monitor process after the crash. (CVE-2013-0220)
--

SL6
   x86_64
     libipa_hbac-1.9.2-82.el6.i686.rpm
     libipa_hbac-1.9.2-82.el6.x86_64.rpm
     libipa_hbac-python-1.9.2-82.el6.x86_64.rpm
     libsss_autofs-1.9.2-82.el6.x86_64.rpm
     libsss_idmap-1.9.2-82.el6.x86_64.rpm
     libsss_sudo-1.9.2-82.el6.x86_64.rpm
     sssd-1.9.2-82.el6.x86_64.rpm
     sssd-client-1.9.2-82.el6.i686.rpm
     sssd-client-1.9.2-82.el6.x86_64.rpm
     sssd-debuginfo-1.9.2-82.el6.i686.rpm
     sssd-debuginfo-1.9.2-82.el6.x86_64.rpm
     libipa_hbac-devel-1.9.2-82.el6.i686.rpm
     libipa_hbac-devel-1.9.2-82.el6.x86_64.rpm
     libsss_idmap-1.9.2-82.el6.i686.rpm
     libsss_idmap-devel-1.9.2-82.el6.i686.rpm
     libsss_idmap-devel-1.9.2-82.el6.x86_64.rpm
     libsss_sudo-devel-1.9.2-82.el6.i686.rpm
     libsss_sudo-devel-1.9.2-82.el6.x86_64.rpm
     sssd-tools-1.9.2-82.el6.x86_64.rpm
   i386
     libipa_hbac-1.9.2-82.el6.i686.rpm
     libipa_hbac-python-1.9.2-82.el6.i686.rpm
     libsss_autofs-1.9.2-82.el6.i686.rpm
     libsss_idmap-1.9.2-82.el6.i686.rpm
     libsss_sudo-1.9.2-82.el6.i686.rpm
     sssd-1.9.2-82.el6.i686.rpm
     sssd-client-1.9.2-82.el6.i686.rpm
     sssd-debuginfo-1.9.2-82.el6.i686.rpm
     libipa_hbac-devel-1.9.2-82.el6.i686.rpm
     libsss_idmap-devel-1.9.2-82.el6.i686.rpm
     libsss_sudo-devel-1.9.2-82.el6.i686.rpm
     sssd-tools-1.9.2-82.el6.i686.rpm

- Scientific Linux Development Team
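
The symbolic link attack described for CVE-2013-0219 arises when a privileged process walks a directory tree by path name while another user can still replace entries in it. The following C code is an added example, not part of the original advisory and not SSSD's own code: it removes a tree using only descriptor-relative calls that refuse symlinks. The names `remove_tree_at` and `demo`, and the directory layout built in `demo`, are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Remove directory `name` inside the open directory `parent_fd`. Every call is
 * fd-relative; O_NOFOLLOW refuses a `name` that is, or was swapped for, a symlink. */
int remove_tree_at(int parent_fd, const char *name) {
    int dfd = openat(parent_fd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dfd < 0) return -1;
    DIR *d = fdopendir(dfd);
    if (!d) { close(dfd); return -1; }
    int rc = 0;
    struct dirent *e;
    while (rc == 0 && (e = readdir(d)) != NULL) {
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        struct stat st;
        if (fstatat(dfd, e->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0) rc = -1;
        else if (S_ISDIR(st.st_mode)) rc = remove_tree_at(dfd, e->d_name);
        else rc = unlinkat(dfd, e->d_name, 0); /* a symlink is unlinked, not followed */
    }
    closedir(d); /* also closes dfd */
    return rc ? -1 : unlinkat(parent_fd, name, AT_REMOVEDIR);
}

/* Constructed scenario: home/trap links to a directory outside home/. Returns 0 if
 * home/ is removed, outside/keep survives, and a symlinked tree root is refused. */
int demo(void) {
    char tmp[] = "/tmp/rmtree-XXXXXX";
    int top = mkdtemp(tmp) ? open(tmp, O_RDONLY | O_DIRECTORY) : -1;
    if (top < 0) return -1;
    mkdirat(top, "outside", 0700);
    mkdirat(top, "home", 0700);
    mkdirat(top, "home/sub", 0700);
    close(openat(top, "outside/keep", O_CREAT | O_WRONLY, 0600));
    close(openat(top, "home/sub/file", O_CREAT | O_WRONLY, 0600));
    if (symlinkat("../outside", top, "home/trap") || symlinkat("outside", top, "alias"))
        return -1;
    int refused = remove_tree_at(top, "alias") == -1;
    int rc = remove_tree_at(top, "home");
    int ok = refused && rc == 0 && faccessat(top, "outside/keep", F_OK, 0) == 0
             && faccessat(top, "home", F_OK, 0) != 0;
    close(top);
    return ok ? 0 : 1;
}

int main(void) { return demo(); }
```

If an entry is swapped for a symlink between the `fstatat` check and the recursive call, the `openat` with `O_NOFOLLOW` fails and the removal stops instead of descending into the link target.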