An update for sssd is now available for openEuler-20.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-1572 Final 1.0 1.0 2024-05-17 Initial 2024-05-17 2024-05-17 openEuler SA Tool V1.0 2024-05-17 sssd security update An update for sssd is now available for openEuler-20.03-LTS-SP4. SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. Security Fix(es): A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.(CVE-2023-3758) An update for sssd is now available for openEuler-20.03-LTS-SP4. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High sssd https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1572 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3758 https://nvd.nist.gov/vuln/detail/CVE-2023-3758 openEuler-20.03-LTS-SP4 python3-sssd-2.2.2-16.oe2003sp4.aarch64.rpm sssd-debugsource-2.2.2-16.oe2003sp4.aarch64.rpm sssd-2.2.2-16.oe2003sp4.aarch64.rpm python2-sssd-2.2.2-16.oe2003sp4.aarch64.rpm sssd-debuginfo-2.2.2-16.oe2003sp4.aarch64.rpm sssd-devel-2.2.2-16.oe2003sp4.aarch64.rpm sssd-help-2.2.2-16.oe2003sp4.noarch.rpm sssd-2.2.2-16.oe2003sp4.src.rpm python3-sssd-2.2.2-16.oe2003sp4.x86_64.rpm sssd-devel-2.2.2-16.oe2003sp4.x86_64.rpm sssd-debuginfo-2.2.2-16.oe2003sp4.x86_64.rpm sssd-2.2.2-16.oe2003sp4.x86_64.rpm sssd-debugsource-2.2.2-16.oe2003sp4.x86_64.rpm python2-sssd-2.2.2-16.oe2003sp4.x86_64.rpm A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately. 2024-05-17 CVE-2023-3758 openEuler-20.03-LTS-SP4 High 7.1 AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H sssd security update 2024-05-17 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2024-1572