Synopsis: Moderate: ipa security and bug fix update Advisory ID: SLSA-2021:5195-1 Issue Date: 2021-12-16 CVE Numbers: CVE-2020-25719 -- Security Fix(es): * samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets (CVE-2020-25719) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * SL 8.6 IPA Replica Failed to configure PKINIT setup against a SL 7.9 IPA server -- SL7 x86_64 ipa-client-4.6.8-5.el7_9.10.x86_64.rpm ipa-debuginfo-4.6.8-5.el7_9.10.x86_64.rpm ipa-server-4.6.8-5.el7_9.10.x86_64.rpm ipa-server-trust-ad-4.6.8-5.el7_9.10.x86_64.rpm noarch ipa-client-common-4.6.8-5.el7_9.10.noarch.rpm ipa-common-4.6.8-5.el7_9.10.noarch.rpm ipa-python-compat-4.6.8-5.el7_9.10.noarch.rpm python2-ipaclient-4.6.8-5.el7_9.10.noarch.rpm python2-ipalib-4.6.8-5.el7_9.10.noarch.rpm ipa-server-common-4.6.8-5.el7_9.10.noarch.rpm ipa-server-dns-4.6.8-5.el7_9.10.noarch.rpm python2-ipaserver-4.6.8-5.el7_9.10.noarch.rpm - Scientific Linux Development Team