{"id":51867,"date":"2023-06-16T20:39:50","date_gmt":"2023-06-16T11:39:50","guid":{"rendered":"https:\/\/jirak.net\/wp\/usn-6156-2-sssd-regression\/"},"modified":"2023-06-16T22:34:18","modified_gmt":"2023-06-16T13:34:18","slug":"usn-6156-2-sssd-regression","status":"publish","type":"post","link":"https:\/\/jirak.net\/wp\/usn-6156-2-sssd-regression\/","title":{"rendered":"USN-6156-2: SSSD regression"},"content":{"rendered":"<p>USN-6156-2: SSSD regression<\/p>\n<p>USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all<br \/>\npackages ended up being upgraded at the same time, resulting in<br \/>\nauthentication failures when the PAM module was being used.<\/p>\n<p>This update fixes the problem. We apologize for the inconvenience.<\/p>\n<p>Original advisory details:<\/p>\n<p> It was discovered that SSSD incorrrectly sanitized certificate data used in<br \/>\n LDAP filters. When using this issue in combination with FreeIPA, a remote<br \/>\n attacker could possibly use this issue to escalate privileges.<br \/>\nSource: <a href=\"https:\/\/ubuntu.com\/security\/notices\/USN-6156-2\" target=\"_blank\" rel=\"noopener\">USN-6156-2: SSSD regression<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\"><p>USN-6156-2: SSSD regression USN-6156-1 fixed a vulnerability in SSSD. In certain environments, not all packages ended up being upgraded at the same time, resulting in authentication failures when the PAM module was being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that SSSD incorrrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges. Source: USN-6156-2: SSSD regression<\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-51867","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/51867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=51867"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/51867\/revisions"}],"predecessor-version":[{"id":51868,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/51867\/revisions\/51868"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=51867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=51867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=51867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}