An update for sssd is now available for openEuler-20.03-LTS-SP1,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP3 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-1546 Final 1.0 1.0 2024-05-10 Initial 2024-05-10 2024-05-10 openEuler SA Tool V1.0 2024-05-10 sssd security update An update for sssd is now available for openEuler-20.03-LTS-SP1,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP3. SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. Security Fix(es): A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.(CVE-2023-3758) An update for sssd is now available for openEuler-20.03-LTS-SP1,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP3. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High sssd https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1546 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3758 https://nvd.nist.gov/vuln/detail/CVE-2023-3758 openEuler-20.03-LTS-SP1 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP3 python2-sssd-2.2.2-16.oe1.aarch64.rpm sssd-debugsource-2.2.2-16.oe1.aarch64.rpm python3-sssd-2.2.2-16.oe1.aarch64.rpm sssd-devel-2.2.2-16.oe1.aarch64.rpm sssd-2.2.2-16.oe1.aarch64.rpm sssd-debuginfo-2.2.2-16.oe1.aarch64.rpm sssd-debugsource-2.6.1-14.oe2203.aarch64.rpm sssd-2.6.1-14.oe2203.aarch64.rpm python3-sssd-2.6.1-14.oe2203.aarch64.rpm sssd-debuginfo-2.6.1-14.oe2203.aarch64.rpm sssd-devel-2.6.1-14.oe2203.aarch64.rpm sssd-2.6.1-14.oe2203sp1.aarch64.rpm sssd-debuginfo-2.6.1-14.oe2203sp1.aarch64.rpm sssd-debugsource-2.6.1-14.oe2203sp1.aarch64.rpm sssd-devel-2.6.1-14.oe2203sp1.aarch64.rpm python3-sssd-2.6.1-14.oe2203sp1.aarch64.rpm sssd-devel-2.6.1-14.oe2203sp3.aarch64.rpm sssd-debugsource-2.6.1-14.oe2203sp3.aarch64.rpm sssd-debuginfo-2.6.1-14.oe2203sp3.aarch64.rpm sssd-2.6.1-14.oe2203sp3.aarch64.rpm python3-sssd-2.6.1-14.oe2203sp3.aarch64.rpm sssd-help-2.2.2-16.oe1.noarch.rpm sssd-help-2.6.1-14.oe2203.noarch.rpm sssd-help-2.6.1-14.oe2203sp1.noarch.rpm sssd-help-2.6.1-14.oe2203sp3.noarch.rpm sssd-2.2.2-16.oe1.src.rpm sssd-2.6.1-14.oe2203.src.rpm sssd-2.6.1-14.oe2203sp1.src.rpm sssd-2.6.1-14.oe2203sp3.src.rpm sssd-debugsource-2.2.2-16.oe1.x86_64.rpm python2-sssd-2.2.2-16.oe1.x86_64.rpm sssd-2.2.2-16.oe1.x86_64.rpm sssd-devel-2.2.2-16.oe1.x86_64.rpm sssd-debuginfo-2.2.2-16.oe1.x86_64.rpm python3-sssd-2.2.2-16.oe1.x86_64.rpm sssd-2.6.1-14.oe2203.x86_64.rpm sssd-debugsource-2.6.1-14.oe2203.x86_64.rpm python3-sssd-2.6.1-14.oe2203.x86_64.rpm sssd-debuginfo-2.6.1-14.oe2203.x86_64.rpm sssd-devel-2.6.1-14.oe2203.x86_64.rpm sssd-debugsource-2.6.1-14.oe2203sp1.x86_64.rpm sssd-devel-2.6.1-14.oe2203sp1.x86_64.rpm python3-sssd-2.6.1-14.oe2203sp1.x86_64.rpm sssd-debuginfo-2.6.1-14.oe2203sp1.x86_64.rpm sssd-2.6.1-14.oe2203sp1.x86_64.rpm sssd-debugsource-2.6.1-14.oe2203sp3.x86_64.rpm sssd-debuginfo-2.6.1-14.oe2203sp3.x86_64.rpm sssd-2.6.1-14.oe2203sp3.x86_64.rpm sssd-devel-2.6.1-14.oe2203sp3.x86_64.rpm python3-sssd-2.6.1-14.oe2203sp3.x86_64.rpm A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. 2024-05-10 CVE-2023-3758 openEuler-20.03-LTS-SP1 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP3 High 7.1 AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H sssd security update 2024-05-10 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1546