Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b115ddd7 by Salvatore Bonaccorso at 2019-07-04T19:15:00Z
Add upstream issue for CVE-2018-16838
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -42436,6 +42436,7 @@ CVE-2018-16838 (A flaw was found in sssd Group Policy
Objects implementation. Wh
NOTE: GPO based access control introduced in
https://github.com/SSSD/sssd/commit/60cab26b12
NOTE: seems to presuppose configuration mistake: if sssd is not given
enough permissions
NOTE: to read GPO, access is systematically granted instead of denied
+ NOTE: https://pagure.io/SSSD/sssd/issue/3867
NOTE:
https://pagure.io/SSSD/sssd/c/ad058011b6b75b15c674be46a3ae9b3cc5228175
CVE-2018-16837 (Ansible "User" module leaks any data which is passed on as a
parameter ...)
{DSA-4396-1 DLA-1576-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b115ddd7750a9a0bb376abea0ba0f35bca0d4b37
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b115ddd7750a9a0bb376abea0ba0f35bca0d4b37
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
