This bug was fixed in the package freeipa - 4.3.2-5

freeipa (4.3.2-5) unstable; urgency=medium

  * fix-cve-2016-5404.diff: Fix permission check bypass (Closes: #835131)
    - CVE-2016-5404
  * ipa-kdb-support-dal-version-5-and-6.diff: Support mit-krb5 1.15.
    (Closes: #844114)

 -- Timo Aaltonen <>  Sat, 03 Dec 2016 01:02:40 +0200

** Changed in: freeipa (Ubuntu)
       Status: New => Fix Released

** CVE added:

You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.

  Depend on libnss-sss and libpam-sss

Status in freeipa package in Ubuntu:
  Fix Released

Bug description:
  Currently libnss-sss and libpam-sss are marked as recommended on the
  sssd-common package. This however causes issues on systems that have
  installing recommended packages turned off (which I noticed was
  enabled on a VPS).

  The fact that those libaries are not installed means that the client
  install is not able to get a working setup running. It would probably
  be best if freeipa-client had a dependency on libnss-sss and libpam-
  nss as they're essentially necessary to get a working setup.

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to