jiachao2130/cvrf2cusa
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
cvrf2cusa/cvrf/2024/cvrf-openEuler-SA-2024-1546.xml
Jia Chao 0b34274085 git mv 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-07-25 09:57:37 +08:00

153 lines
13 KiB
XML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
<DocumentTitle xml:lang="en">An update for sssd is now available for openEuler-20.03-LTS-SP1,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP3</DocumentTitle>
<DocumentType>Security Advisory</DocumentType>
<DocumentPublisher Type="Vendor">
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
<IssuingAuthority>openEuler security committee</IssuingAuthority>
</DocumentPublisher>
<DocumentTracking>
<Identification>
<ID>openEuler-SA-2024-1546</ID>
</Identification>
<Status>Final</Status>
<Version>1.0</Version>
<RevisionHistory>
<Revision>
<Number>1.0</Number>
<Date>2024-05-10</Date>
<Description>Initial</Description>
</Revision>
</RevisionHistory>
<InitialReleaseDate>2024-05-10</InitialReleaseDate>
<CurrentReleaseDate>2024-05-10</CurrentReleaseDate>
<Generator>
<Engine>openEuler SA Tool V1.0</Engine>
<Date>2024-05-10</Date>
</Generator>
</DocumentTracking>
<DocumentNotes>
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">sssd security update</Note>
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for sssd is now available for openEuler-20.03-LTS-SP1,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP3.</Note>
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources.
Security Fix(es):
A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.(CVE-2023-3758)</Note>
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for sssd is now available for openEuler-20.03-LTS-SP1,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">High</Note>
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">sssd</Note>
</DocumentNotes>
<DocumentReferences>
<Reference Type="Self">
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1546</URL>
</Reference>
<Reference Type="openEuler CVE">
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3758</URL>
</Reference>
<Reference Type="Other">
<URL>https://nvd.nist.gov/vuln/detail/CVE-2023-3758</URL>
</Reference>
</DocumentReferences>
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
<Branch Type="Product Name" Name="openEuler">
<FullProductName ProductID="openEuler-20.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">openEuler-20.03-LTS-SP1</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">openEuler-22.03-LTS</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">openEuler-22.03-LTS-SP1</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS-SP3" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">openEuler-22.03-LTS-SP3</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="aarch64">
<FullProductName ProductID="python2-sssd-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-sssd-2.2.2-16.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debugsource-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-debugsource-2.2.2-16.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-sssd-2.2.2-16.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-devel-2.2.2-16.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-2.2.2-16.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-debuginfo-2.2.2-16.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debugsource-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-debugsource-2.6.1-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-2.6.1-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">python3-sssd-2.6.1-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-debuginfo-2.6.1-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-devel-2.6.1-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-2.6.1-14.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-debuginfo-2.6.1-14.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debugsource-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-debugsource-2.6.1-14.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-devel-2.6.1-14.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">python3-sssd-2.6.1-14.oe2203sp1.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-devel-2.6.1-14.oe2203sp3.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debugsource-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-debugsource-2.6.1-14.oe2203sp3.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-debuginfo-2.6.1-14.oe2203sp3.aarch64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-2.6.1-14.oe2203sp3.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">python3-sssd-2.6.1-14.oe2203sp3.aarch64.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="noarch">
<FullProductName ProductID="sssd-help-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-help-2.2.2-16.oe1.noarch.rpm</FullProductName>
<FullProductName ProductID="sssd-help-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-help-2.6.1-14.oe2203.noarch.rpm</FullProductName>
<FullProductName ProductID="sssd-help-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-help-2.6.1-14.oe2203sp1.noarch.rpm</FullProductName>
<FullProductName ProductID="sssd-help-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-help-2.6.1-14.oe2203sp3.noarch.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="src">
<FullProductName ProductID="sssd-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-2.2.2-16.oe1.src.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-2.6.1-14.oe2203.src.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-2.6.1-14.oe2203sp1.src.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-2.6.1-14.oe2203sp3.src.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="x86_64">
<FullProductName ProductID="sssd-debugsource-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-debugsource-2.2.2-16.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-sssd-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-sssd-2.2.2-16.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-2.2.2-16.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-devel-2.2.2-16.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">sssd-debuginfo-2.2.2-16.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.2.2-16" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-sssd-2.2.2-16.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-2.6.1-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-debugsource-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-debugsource-2.6.1-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">python3-sssd-2.6.1-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-debuginfo-2.6.1-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">sssd-devel-2.6.1-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-debugsource-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-debugsource-2.6.1-14.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-devel-2.6.1-14.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">python3-sssd-2.6.1-14.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-debuginfo-2.6.1-14.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP1">sssd-2.6.1-14.oe2203sp1.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-debugsource-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-debugsource-2.6.1-14.oe2203sp3.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-debuginfo-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-debuginfo-2.6.1-14.oe2203sp3.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-2.6.1-14.oe2203sp3.x86_64.rpm</FullProductName>
<FullProductName ProductID="sssd-devel-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">sssd-devel-2.6.1-14.oe2203sp3.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-sssd-2.6.1-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS-SP3">python3-sssd-2.6.1-14.oe2203sp3.x86_64.rpm</FullProductName>
</Branch>
</ProductTree>
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.</Note>
</Notes>
<ReleaseDate>2024-05-10</ReleaseDate>
<CVE>CVE-2023-3758</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-22.03-LTS</ProductID>
<ProductID>openEuler-22.03-LTS-SP1</ProductID>
<ProductID>openEuler-22.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.1</BaseScore>
<Vector>AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>sssd security update</Description>
<DATE>2024-05-10</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1546</URL>
</Remediation>
</Remediations>
</Vulnerability>
</cvrfdoc>
Reference in New Issue View Git Blame Copy Permalink