This bug was fixed in the package sssd - 2.5.2-4ubuntu1
---------------
sssd (2.5.2-4ubuntu1) jammy; urgency=medium
* Merge with Debian unstable (LP: #1946904). Remaining changes:
- Disable lto, not ready upstream.
- d/control: Drop libgdm-dev Build-Depend on i386.
- d/p/fix-python-tests.patch: Fix Python tests by making them
assert Python module paths by using full pathnames.
* Dropped changes:
- d/apparmor-profile: Update profile. (LP #1910611)
+ Extend read permissions to /etc/sssd/** and /etc/gss/**.
+ Add read/execute permission to /usr/libexec/sssd/*.
[ Incorporated by Debian. ]
- Fix FTBFS with newer autoconf
+ debian/patches/fix_newer_autoconf.patch: do not unset PYTHON_PREFIX
and PYTHON_EXEC_PREFIX in src/external/python.m4.
[ Incorporated by Debian. ]
- SECURITY UPDATE: shell command injection in sssctl comment
+ debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
avoid execution of user supplied command in
src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
+ CVE-2021-3621
[ Incorporated by Debian. ]
- d/p/disable-fail_over-tests.patch: Disable fail_over-tests,
which is failing when running inside sbuild.
[ Not needed anymore; issue does not reproduce on Jammy. ]
-- Sergio Durigan Junior <[email protected]> Wed, 27 Oct
2021 20:16:31 -0400
** Changed in: sssd (Ubuntu)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3621
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946904
Title:
Merge sssd from Debian unstable for 22.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1946904/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
