-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: sssd security, bug fix, and enhancement update Advisory ID: RHSA-2019:2177-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2177 Issue date: 2019-08-06 CVE Names: CVE-2018-16838 CVE-2019-3811 ==================================================================== 1. Summary: An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. The following packages have been upgraded to a later upstream version: sssd (1.16.4). (BZ#1658994) Security Fix(es): * sssd: fallback_homedir returns '/' for empty home directories in passwd file (CVE-2019-3811) * sssd: improper implementation of GPOs due to too restrictive permissions (CVE-2018-16838) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 720688 - [RFE] return multiple server addresses to the Kerberos locator plugin 1350012 - kinit / sssd kerberos fail over 1402056 - [RFE] Make 2FA prompting configurable 1406678 - sssd service is starting before network service 1614296 - SSSD netgroups do not honor entry_cache_nowait_percentage 1619706 - sssd only sets the SELinux login context if it differs from the default 1631656 - KCM: kinit: Matching credential not found while getting default ccache 1640820 - CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions 1645461 - Slow ldb search causes blocking during startup which might cause the registration to time out 1653759 - sss_cache shouldn't return ENOENT when no entries match 1656618 - CVE-2019-3811 sssd: fallback_homedir returns '/' for empty home directories in passwd file 1658994 - Rebase SSSD to 1.16.x 1671138 - User is unable to perform sudo as a user on IPA Server, even though `sudo -l` shows permissions to do so 1672527 - sssd_krb5_locator_plugin introduces delay in cifs.upcall krb5 calls 1677355 - NSS responder does no refresh domain list when busy 1677665 - IPA: Deleted user from trusted domain is not removed properly from the cache on IPA clients 1679173 - filter_users option is not applied to sub-domains if SSSD starts offline 1684979 - The HBAC code requires dereference to be enabled and fails otherwise 1685472 - UPN negative cache does not use values from 'filter_users' config option 1685581 - Extend cached_auth_timeout to cover subdomains / trusts 1707759 - Error accessing files on samba share randomly 1710286 - The server error message is not returned if password change fails 1711832 - The files provider does not handle resetOffline properly 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: sssd-1.16.4-21.el7.src.rpm noarch: python-sssdconfig-1.16.4-21.el7.noarch.rpm x86_64: libipa_hbac-1.16.4-21.el7.i686.rpm libipa_hbac-1.16.4-21.el7.x86_64.rpm libsss_autofs-1.16.4-21.el7.x86_64.rpm libsss_certmap-1.16.4-21.el7.i686.rpm libsss_certmap-1.16.4-21.el7.x86_64.rpm libsss_idmap-1.16.4-21.el7.i686.rpm libsss_idmap-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-1.16.4-21.el7.i686.rpm libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-1.16.4-21.el7.i686.rpm libsss_simpleifp-1.16.4-21.el7.x86_64.rpm libsss_sudo-1.16.4-21.el7.x86_64.rpm python-libipa_hbac-1.16.4-21.el7.x86_64.rpm python-sss-1.16.4-21.el7.x86_64.rpm python-sss-murmur-1.16.4-21.el7.x86_64.rpm sssd-1.16.4-21.el7.x86_64.rpm sssd-ad-1.16.4-21.el7.x86_64.rpm sssd-client-1.16.4-21.el7.i686.rpm sssd-client-1.16.4-21.el7.x86_64.rpm sssd-common-1.16.4-21.el7.x86_64.rpm sssd-common-pac-1.16.4-21.el7.x86_64.rpm sssd-dbus-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-ipa-1.16.4-21.el7.x86_64.rpm sssd-kcm-1.16.4-21.el7.x86_64.rpm sssd-krb5-1.16.4-21.el7.x86_64.rpm sssd-krb5-common-1.16.4-21.el7.x86_64.rpm sssd-ldap-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-1.16.4-21.el7.x86_64.rpm sssd-polkit-rules-1.16.4-21.el7.x86_64.rpm sssd-proxy-1.16.4-21.el7.x86_64.rpm sssd-tools-1.16.4-21.el7.x86_64.rpm sssd-winbind-idmap-1.16.4-21.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libipa_hbac-devel-1.16.4-21.el7.i686.rpm libipa_hbac-devel-1.16.4-21.el7.x86_64.rpm libsss_certmap-devel-1.16.4-21.el7.i686.rpm libsss_certmap-devel-1.16.4-21.el7.x86_64.rpm libsss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_nss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-devel-1.16.4-21.el7.i686.rpm libsss_simpleifp-devel-1.16.4-21.el7.x86_64.rpm python-libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-devel-1.16.4-21.el7.i686.rpm sssd-libwbclient-devel-1.16.4-21.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: sssd-1.16.4-21.el7.src.rpm noarch: python-sssdconfig-1.16.4-21.el7.noarch.rpm x86_64: libipa_hbac-1.16.4-21.el7.i686.rpm libipa_hbac-1.16.4-21.el7.x86_64.rpm libsss_autofs-1.16.4-21.el7.x86_64.rpm libsss_certmap-1.16.4-21.el7.i686.rpm libsss_certmap-1.16.4-21.el7.x86_64.rpm libsss_idmap-1.16.4-21.el7.i686.rpm libsss_idmap-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-1.16.4-21.el7.i686.rpm libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-1.16.4-21.el7.i686.rpm libsss_simpleifp-1.16.4-21.el7.x86_64.rpm libsss_sudo-1.16.4-21.el7.x86_64.rpm python-libipa_hbac-1.16.4-21.el7.x86_64.rpm python-sss-1.16.4-21.el7.x86_64.rpm python-sss-murmur-1.16.4-21.el7.x86_64.rpm sssd-1.16.4-21.el7.x86_64.rpm sssd-ad-1.16.4-21.el7.x86_64.rpm sssd-client-1.16.4-21.el7.i686.rpm sssd-client-1.16.4-21.el7.x86_64.rpm sssd-common-1.16.4-21.el7.x86_64.rpm sssd-common-pac-1.16.4-21.el7.x86_64.rpm sssd-dbus-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-ipa-1.16.4-21.el7.x86_64.rpm sssd-kcm-1.16.4-21.el7.x86_64.rpm sssd-krb5-1.16.4-21.el7.x86_64.rpm sssd-krb5-common-1.16.4-21.el7.x86_64.rpm sssd-ldap-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-1.16.4-21.el7.x86_64.rpm sssd-polkit-rules-1.16.4-21.el7.x86_64.rpm sssd-proxy-1.16.4-21.el7.x86_64.rpm sssd-tools-1.16.4-21.el7.x86_64.rpm sssd-winbind-idmap-1.16.4-21.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libipa_hbac-devel-1.16.4-21.el7.i686.rpm libipa_hbac-devel-1.16.4-21.el7.x86_64.rpm libsss_certmap-devel-1.16.4-21.el7.i686.rpm libsss_certmap-devel-1.16.4-21.el7.x86_64.rpm libsss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_nss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-devel-1.16.4-21.el7.i686.rpm libsss_simpleifp-devel-1.16.4-21.el7.x86_64.rpm python-libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-devel-1.16.4-21.el7.i686.rpm sssd-libwbclient-devel-1.16.4-21.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: sssd-1.16.4-21.el7.src.rpm noarch: python-sssdconfig-1.16.4-21.el7.noarch.rpm ppc64: libipa_hbac-1.16.4-21.el7.ppc.rpm libipa_hbac-1.16.4-21.el7.ppc64.rpm libsss_autofs-1.16.4-21.el7.ppc64.rpm libsss_certmap-1.16.4-21.el7.ppc.rpm libsss_certmap-1.16.4-21.el7.ppc64.rpm libsss_idmap-1.16.4-21.el7.ppc.rpm libsss_idmap-1.16.4-21.el7.ppc64.rpm libsss_nss_idmap-1.16.4-21.el7.ppc.rpm libsss_nss_idmap-1.16.4-21.el7.ppc64.rpm libsss_simpleifp-1.16.4-21.el7.ppc.rpm libsss_simpleifp-1.16.4-21.el7.ppc64.rpm libsss_sudo-1.16.4-21.el7.ppc64.rpm python-libipa_hbac-1.16.4-21.el7.ppc64.rpm python-sss-1.16.4-21.el7.ppc64.rpm python-sss-murmur-1.16.4-21.el7.ppc64.rpm sssd-1.16.4-21.el7.ppc64.rpm sssd-ad-1.16.4-21.el7.ppc64.rpm sssd-client-1.16.4-21.el7.ppc.rpm sssd-client-1.16.4-21.el7.ppc64.rpm sssd-common-1.16.4-21.el7.ppc64.rpm sssd-common-pac-1.16.4-21.el7.ppc64.rpm sssd-dbus-1.16.4-21.el7.ppc64.rpm sssd-debuginfo-1.16.4-21.el7.ppc.rpm sssd-debuginfo-1.16.4-21.el7.ppc64.rpm sssd-ipa-1.16.4-21.el7.ppc64.rpm sssd-kcm-1.16.4-21.el7.ppc64.rpm sssd-krb5-1.16.4-21.el7.ppc64.rpm sssd-krb5-common-1.16.4-21.el7.ppc64.rpm sssd-ldap-1.16.4-21.el7.ppc64.rpm sssd-libwbclient-1.16.4-21.el7.ppc64.rpm sssd-polkit-rules-1.16.4-21.el7.ppc64.rpm sssd-proxy-1.16.4-21.el7.ppc64.rpm sssd-tools-1.16.4-21.el7.ppc64.rpm sssd-winbind-idmap-1.16.4-21.el7.ppc64.rpm ppc64le: libipa_hbac-1.16.4-21.el7.ppc64le.rpm libsss_autofs-1.16.4-21.el7.ppc64le.rpm libsss_certmap-1.16.4-21.el7.ppc64le.rpm libsss_idmap-1.16.4-21.el7.ppc64le.rpm libsss_nss_idmap-1.16.4-21.el7.ppc64le.rpm libsss_simpleifp-1.16.4-21.el7.ppc64le.rpm libsss_sudo-1.16.4-21.el7.ppc64le.rpm python-libipa_hbac-1.16.4-21.el7.ppc64le.rpm python-sss-1.16.4-21.el7.ppc64le.rpm python-sss-murmur-1.16.4-21.el7.ppc64le.rpm sssd-1.16.4-21.el7.ppc64le.rpm sssd-ad-1.16.4-21.el7.ppc64le.rpm sssd-client-1.16.4-21.el7.ppc64le.rpm sssd-common-1.16.4-21.el7.ppc64le.rpm sssd-common-pac-1.16.4-21.el7.ppc64le.rpm sssd-dbus-1.16.4-21.el7.ppc64le.rpm sssd-debuginfo-1.16.4-21.el7.ppc64le.rpm sssd-ipa-1.16.4-21.el7.ppc64le.rpm sssd-kcm-1.16.4-21.el7.ppc64le.rpm sssd-krb5-1.16.4-21.el7.ppc64le.rpm sssd-krb5-common-1.16.4-21.el7.ppc64le.rpm sssd-ldap-1.16.4-21.el7.ppc64le.rpm sssd-libwbclient-1.16.4-21.el7.ppc64le.rpm sssd-polkit-rules-1.16.4-21.el7.ppc64le.rpm sssd-proxy-1.16.4-21.el7.ppc64le.rpm sssd-tools-1.16.4-21.el7.ppc64le.rpm sssd-winbind-idmap-1.16.4-21.el7.ppc64le.rpm s390x: libipa_hbac-1.16.4-21.el7.s390.rpm libipa_hbac-1.16.4-21.el7.s390x.rpm libsss_autofs-1.16.4-21.el7.s390x.rpm libsss_certmap-1.16.4-21.el7.s390.rpm libsss_certmap-1.16.4-21.el7.s390x.rpm libsss_idmap-1.16.4-21.el7.s390.rpm libsss_idmap-1.16.4-21.el7.s390x.rpm libsss_nss_idmap-1.16.4-21.el7.s390.rpm libsss_nss_idmap-1.16.4-21.el7.s390x.rpm libsss_simpleifp-1.16.4-21.el7.s390.rpm libsss_simpleifp-1.16.4-21.el7.s390x.rpm libsss_sudo-1.16.4-21.el7.s390x.rpm python-libipa_hbac-1.16.4-21.el7.s390x.rpm python-sss-1.16.4-21.el7.s390x.rpm python-sss-murmur-1.16.4-21.el7.s390x.rpm sssd-1.16.4-21.el7.s390x.rpm sssd-ad-1.16.4-21.el7.s390x.rpm sssd-client-1.16.4-21.el7.s390.rpm sssd-client-1.16.4-21.el7.s390x.rpm sssd-common-1.16.4-21.el7.s390x.rpm sssd-common-pac-1.16.4-21.el7.s390x.rpm sssd-dbus-1.16.4-21.el7.s390x.rpm sssd-debuginfo-1.16.4-21.el7.s390.rpm sssd-debuginfo-1.16.4-21.el7.s390x.rpm sssd-ipa-1.16.4-21.el7.s390x.rpm sssd-kcm-1.16.4-21.el7.s390x.rpm sssd-krb5-1.16.4-21.el7.s390x.rpm sssd-krb5-common-1.16.4-21.el7.s390x.rpm sssd-ldap-1.16.4-21.el7.s390x.rpm sssd-libwbclient-1.16.4-21.el7.s390x.rpm sssd-polkit-rules-1.16.4-21.el7.s390x.rpm sssd-proxy-1.16.4-21.el7.s390x.rpm sssd-tools-1.16.4-21.el7.s390x.rpm sssd-winbind-idmap-1.16.4-21.el7.s390x.rpm x86_64: libipa_hbac-1.16.4-21.el7.i686.rpm libipa_hbac-1.16.4-21.el7.x86_64.rpm libsss_autofs-1.16.4-21.el7.x86_64.rpm libsss_certmap-1.16.4-21.el7.i686.rpm libsss_certmap-1.16.4-21.el7.x86_64.rpm libsss_idmap-1.16.4-21.el7.i686.rpm libsss_idmap-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-1.16.4-21.el7.i686.rpm libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-1.16.4-21.el7.i686.rpm libsss_simpleifp-1.16.4-21.el7.x86_64.rpm libsss_sudo-1.16.4-21.el7.x86_64.rpm python-libipa_hbac-1.16.4-21.el7.x86_64.rpm python-libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm python-sss-1.16.4-21.el7.x86_64.rpm python-sss-murmur-1.16.4-21.el7.x86_64.rpm sssd-1.16.4-21.el7.x86_64.rpm sssd-ad-1.16.4-21.el7.x86_64.rpm sssd-client-1.16.4-21.el7.i686.rpm sssd-client-1.16.4-21.el7.x86_64.rpm sssd-common-1.16.4-21.el7.x86_64.rpm sssd-common-pac-1.16.4-21.el7.x86_64.rpm sssd-dbus-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-ipa-1.16.4-21.el7.x86_64.rpm sssd-kcm-1.16.4-21.el7.x86_64.rpm sssd-krb5-1.16.4-21.el7.x86_64.rpm sssd-krb5-common-1.16.4-21.el7.x86_64.rpm sssd-ldap-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-1.16.4-21.el7.x86_64.rpm sssd-polkit-rules-1.16.4-21.el7.x86_64.rpm sssd-proxy-1.16.4-21.el7.x86_64.rpm sssd-tools-1.16.4-21.el7.x86_64.rpm sssd-winbind-idmap-1.16.4-21.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libipa_hbac-devel-1.16.4-21.el7.ppc.rpm libipa_hbac-devel-1.16.4-21.el7.ppc64.rpm libsss_certmap-devel-1.16.4-21.el7.ppc.rpm libsss_certmap-devel-1.16.4-21.el7.ppc64.rpm libsss_idmap-devel-1.16.4-21.el7.ppc.rpm libsss_idmap-devel-1.16.4-21.el7.ppc64.rpm libsss_nss_idmap-devel-1.16.4-21.el7.ppc.rpm libsss_nss_idmap-devel-1.16.4-21.el7.ppc64.rpm libsss_simpleifp-devel-1.16.4-21.el7.ppc.rpm libsss_simpleifp-devel-1.16.4-21.el7.ppc64.rpm python-libsss_nss_idmap-1.16.4-21.el7.ppc64.rpm sssd-debuginfo-1.16.4-21.el7.ppc.rpm sssd-debuginfo-1.16.4-21.el7.ppc64.rpm sssd-libwbclient-devel-1.16.4-21.el7.ppc.rpm sssd-libwbclient-devel-1.16.4-21.el7.ppc64.rpm ppc64le: libipa_hbac-devel-1.16.4-21.el7.ppc64le.rpm libsss_certmap-devel-1.16.4-21.el7.ppc64le.rpm libsss_idmap-devel-1.16.4-21.el7.ppc64le.rpm libsss_nss_idmap-devel-1.16.4-21.el7.ppc64le.rpm libsss_simpleifp-devel-1.16.4-21.el7.ppc64le.rpm python-libsss_nss_idmap-1.16.4-21.el7.ppc64le.rpm sssd-debuginfo-1.16.4-21.el7.ppc64le.rpm sssd-libwbclient-devel-1.16.4-21.el7.ppc64le.rpm s390x: libipa_hbac-devel-1.16.4-21.el7.s390.rpm libipa_hbac-devel-1.16.4-21.el7.s390x.rpm libsss_certmap-devel-1.16.4-21.el7.s390.rpm libsss_certmap-devel-1.16.4-21.el7.s390x.rpm libsss_idmap-devel-1.16.4-21.el7.s390.rpm libsss_idmap-devel-1.16.4-21.el7.s390x.rpm libsss_nss_idmap-devel-1.16.4-21.el7.s390.rpm libsss_nss_idmap-devel-1.16.4-21.el7.s390x.rpm libsss_simpleifp-devel-1.16.4-21.el7.s390.rpm libsss_simpleifp-devel-1.16.4-21.el7.s390x.rpm python-libsss_nss_idmap-1.16.4-21.el7.s390x.rpm sssd-debuginfo-1.16.4-21.el7.s390.rpm sssd-debuginfo-1.16.4-21.el7.s390x.rpm sssd-libwbclient-devel-1.16.4-21.el7.s390.rpm sssd-libwbclient-devel-1.16.4-21.el7.s390x.rpm x86_64: libipa_hbac-devel-1.16.4-21.el7.i686.rpm libipa_hbac-devel-1.16.4-21.el7.x86_64.rpm libsss_certmap-devel-1.16.4-21.el7.i686.rpm libsss_certmap-devel-1.16.4-21.el7.x86_64.rpm libsss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_nss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-devel-1.16.4-21.el7.i686.rpm libsss_simpleifp-devel-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-devel-1.16.4-21.el7.i686.rpm sssd-libwbclient-devel-1.16.4-21.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: sssd-1.16.4-21.el7.src.rpm noarch: python-sssdconfig-1.16.4-21.el7.noarch.rpm x86_64: libipa_hbac-1.16.4-21.el7.i686.rpm libipa_hbac-1.16.4-21.el7.x86_64.rpm libsss_autofs-1.16.4-21.el7.x86_64.rpm libsss_certmap-1.16.4-21.el7.i686.rpm libsss_certmap-1.16.4-21.el7.x86_64.rpm libsss_idmap-1.16.4-21.el7.i686.rpm libsss_idmap-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-1.16.4-21.el7.i686.rpm libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-1.16.4-21.el7.i686.rpm libsss_simpleifp-1.16.4-21.el7.x86_64.rpm libsss_sudo-1.16.4-21.el7.x86_64.rpm python-libipa_hbac-1.16.4-21.el7.x86_64.rpm python-libsss_nss_idmap-1.16.4-21.el7.x86_64.rpm python-sss-1.16.4-21.el7.x86_64.rpm python-sss-murmur-1.16.4-21.el7.x86_64.rpm sssd-1.16.4-21.el7.x86_64.rpm sssd-ad-1.16.4-21.el7.x86_64.rpm sssd-client-1.16.4-21.el7.i686.rpm sssd-client-1.16.4-21.el7.x86_64.rpm sssd-common-1.16.4-21.el7.x86_64.rpm sssd-common-pac-1.16.4-21.el7.x86_64.rpm sssd-dbus-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-ipa-1.16.4-21.el7.x86_64.rpm sssd-kcm-1.16.4-21.el7.x86_64.rpm sssd-krb5-1.16.4-21.el7.x86_64.rpm sssd-krb5-common-1.16.4-21.el7.x86_64.rpm sssd-ldap-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-1.16.4-21.el7.x86_64.rpm sssd-polkit-rules-1.16.4-21.el7.x86_64.rpm sssd-proxy-1.16.4-21.el7.x86_64.rpm sssd-tools-1.16.4-21.el7.x86_64.rpm sssd-winbind-idmap-1.16.4-21.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libipa_hbac-devel-1.16.4-21.el7.i686.rpm libipa_hbac-devel-1.16.4-21.el7.x86_64.rpm libsss_certmap-devel-1.16.4-21.el7.i686.rpm libsss_certmap-devel-1.16.4-21.el7.x86_64.rpm libsss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_nss_idmap-devel-1.16.4-21.el7.i686.rpm libsss_nss_idmap-devel-1.16.4-21.el7.x86_64.rpm libsss_simpleifp-devel-1.16.4-21.el7.i686.rpm libsss_simpleifp-devel-1.16.4-21.el7.x86_64.rpm sssd-debuginfo-1.16.4-21.el7.i686.rpm sssd-debuginfo-1.16.4-21.el7.x86_64.rpm sssd-libwbclient-devel-1.16.4-21.el7.i686.rpm sssd-libwbclient-devel-1.16.4-21.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-16838 https://access.redhat.com/security/cve/CVE-2019-3811 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXUl4DtzjgjWX9erEAQjP2RAAnRM6fyfGnUQp4nTyPOtx6P+uga+7nIwz qzHOE0XPn8Ml172MVhinlxvBSHFObFnJ2gecmVoquKo9xahRdgfH4h3gBtb4ebMD IhSCRFQ92K9exI72D3oZ8m0+jYFgneG3QOIFUJsCyBuHIq14qZT9dCqP3pX3aZP1 A08D6MiRVovuNmquVZWNg2rzQAbYt5emPHHwVe4bj92AkdQ6T0jvK7G8+nlBp46x vMhyKbFgZL2NsV7v9RYS/OAto6/9hUAKiIoYJA6+QrDqstCdNEnatAhUDEN7ZbZn ZvRN3saBMOUDquS+CPvN6PaBNDzJeOU5mwUir7oYN7jjQbALs4TBjR81lOhOGMyn 7yAdpFBRymDE8ui1SqySJfxr855IJ1yjjlM6Sap1prwY+2yQoOnQv7iofB9GV/du Q2Wsa+1h5Dvel3f5aFwsC981obMWxTrdzvwd92rKyaOO/xzEYpq7HGk4xCn2NvW3 BuurJYNUymGzbu7VahUcVY7nT/TyHzLIdUkmcCqxvJohQ10jukGeolGNmUk8E+ns KWtboJvNAhPhN7J3GwiqNkBAVU7gqLbChV4GE+VXy1dBBIEr4RyoCUMDT6a3e4TV Ymg5JW818d5tSV7OwL+uj+iv3FeEQEh44sfqCvfDt+ivdV+T4oTDAg8WP17LsQnO lPjNuQlRgO8=epxP -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce