Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2013-1319)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123559

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2013-1319)

Resumen: The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-1319 advisory.

Descripción: Summary:
The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-1319 advisory.

Vulnerability Insight:
[1.5.1-70]
- Fix IPA provider performance issue when storing large host groups
- Resolves: rhbz#979047 - sssd_be goes to 99% CPU and causes significant
login delays when client is under load

[1.5.1-69]
- Fix startup with a broken configuration
- Resolves: rhbz#974036 - sssd core process keeps running after backends quit

[1.5.1-68]
- Add a forgotten break in a switch statement
- Related: rhbz#886165 - sssd will stop functioning correctly if sssd_be
hangs for a while

[1.5.1-67]
- Fix initialization of the paging control
- Related: rhbz#886165 - sssd segfaults (sssd_be & sssd_pam) and corrupts
cache repeatedly

[1.5.1-66]
- Resolves: rhbz#961680 - sssd components seem to mishandle sighup

[1.5.1-65]
- Resolves: rhbz#959838 - CVE-2013-0219 sssd: TOCTOU race conditions by
copying and removing directory trees

[1.5.1-64]
- Free the LDAP control when following referrals
- Resolves: rhbz#820908 - SSSD stops working due to memory problems

[1.5.1-63]
- Restart services with a timeout in case they are restarted too often
- Resolves: rhbz#950156 - sssd dead but pid file exists after heavy load
presented

[1.5.1-62]
- Use the LDAP paging control more sparingly
- Related: rhbz#886165 - sssd segfaults (sssd_be & sssd_pam) and corrupts
cache repeatedly

[1.5.1-61]
- Resolves: rhbz#886165 - sssd segfaults (sssd_be & sssd_pam) and corrupts
cache repeatedly

[1.5.1-60]
- Resolves: rhbz#886165 - sssd will stop functioning correctly if sssd_be
hangs for a while

[1.5.1-59]
- Process pending requests on PAM reconnect
- Resolves: rhbz#882414 - sssd will stop perform LDAP requests for user
lookup (nss), authorization, and authentication

[1.5.1-58]
- Initialize hbac_ctx to NULL
- Resolves: rhbz#850722

[1.5.1-57]
- Process all groups from a single nesting level
- Resolves: rhbz#846664
- Backport the option to disable srchost processing
- Resolves: rhbz#841677

[1.5.1-56]
- Require libgssapiv2.so to pull in cyrus-sasl-gssapi
- Resolves: rhbz#786443

[1.5.1-55]
- Rebuild against newer libtdb
- Related: rhbz#838130 - SSSD needs to be rebuilt against newer libtdb

[1.5.1-54]
- Resolves: rhbz#797272 - sssd-1.5.1-37.el5 needs a dependency to dbus >= 1.1
- Resolves: rhbz#797300 - Logging in with ssh pub key should consult
authentication authority policies
- Resolves: rhbz#833169 - Add support for terminating idle connections in
sssd_nss
- Resolves: rhbz#783081 - sssd_be crashes during auth when there exists UTF
source host group in an hbacrule
- Resolves: rhbz#786443 - sssd on ppc64 doesn't pull cyrus-sasl-gssapi.ppc as
a dependency
- Resolves: rhbz#827469 - Unable to lookup user, group, netgroup aliases with
case_sensitive=false

[1.5.1-53]
- Resolves: rhbz#826237 - sssd_be segfaulting with IPA backend

[1.5.1-52]
- Resolves: rhbz#817073 - sssd fails to use the last AD server if other AD
servers are not reachable
- Resolves: rhbz#828190 - Infinite loop checking Kerberos ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'sssd' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
3.7

CVSS Vector:
AV:L/AC:H/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-0219
51928
http://secunia.com/advisories/51928
52315
http://secunia.com/advisories/52315
57539
http://www.securityfocus.com/bid/57539
FEDORA-2013-1795
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html
FEDORA-2013-1826
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html
RHSA-2013:0508
http://rhn.redhat.com/errata/RHSA-2013-0508.html
RHSA-2013:1319
http://rhn.redhat.com/errata/RHSA-2013-1319.html
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a
http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37
https://bugzilla.redhat.com/show_bug.cgi?id=884254
https://fedorahosted.org/sssd/ticket/1782
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123559
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-1319)
Resumen:	The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-1319 advisory.
Descripción:	Summary: The remote host is missing an update for the 'sssd' package(s) announced via the ELSA-2013-1319 advisory. Vulnerability Insight: [1.5.1-70] - Fix IPA provider performance issue when storing large host groups - Resolves: rhbz#979047 - sssd_be goes to 99% CPU and causes significant login delays when client is under load [1.5.1-69] - Fix startup with a broken configuration - Resolves: rhbz#974036 - sssd core process keeps running after backends quit [1.5.1-68] - Add a forgotten break in a switch statement - Related: rhbz#886165 - sssd will stop functioning correctly if sssd_be hangs for a while [1.5.1-67] - Fix initialization of the paging control - Related: rhbz#886165 - sssd segfaults (sssd_be & sssd_pam) and corrupts cache repeatedly [1.5.1-66] - Resolves: rhbz#961680 - sssd components seem to mishandle sighup [1.5.1-65] - Resolves: rhbz#959838 - CVE-2013-0219 sssd: TOCTOU race conditions by copying and removing directory trees [1.5.1-64] - Free the LDAP control when following referrals - Resolves: rhbz#820908 - SSSD stops working due to memory problems [1.5.1-63] - Restart services with a timeout in case they are restarted too often - Resolves: rhbz#950156 - sssd dead but pid file exists after heavy load presented [1.5.1-62] - Use the LDAP paging control more sparingly - Related: rhbz#886165 - sssd segfaults (sssd_be & sssd_pam) and corrupts cache repeatedly [1.5.1-61] - Resolves: rhbz#886165 - sssd segfaults (sssd_be & sssd_pam) and corrupts cache repeatedly [1.5.1-60] - Resolves: rhbz#886165 - sssd will stop functioning correctly if sssd_be hangs for a while [1.5.1-59] - Process pending requests on PAM reconnect - Resolves: rhbz#882414 - sssd will stop perform LDAP requests for user lookup (nss), authorization, and authentication [1.5.1-58] - Initialize hbac_ctx to NULL - Resolves: rhbz#850722 [1.5.1-57] - Process all groups from a single nesting level - Resolves: rhbz#846664 - Backport the option to disable srchost processing - Resolves: rhbz#841677 [1.5.1-56] - Require libgssapiv2.so to pull in cyrus-sasl-gssapi - Resolves: rhbz#786443 [1.5.1-55] - Rebuild against newer libtdb - Related: rhbz#838130 - SSSD needs to be rebuilt against newer libtdb [1.5.1-54] - Resolves: rhbz#797272 - sssd-1.5.1-37.el5 needs a dependency to dbus >= 1.1 - Resolves: rhbz#797300 - Logging in with ssh pub key should consult authentication authority policies - Resolves: rhbz#833169 - Add support for terminating idle connections in sssd_nss - Resolves: rhbz#783081 - sssd_be crashes during auth when there exists UTF source host group in an hbacrule - Resolves: rhbz#786443 - sssd on ppc64 doesn't pull cyrus-sasl-gssapi.ppc as a dependency - Resolves: rhbz#827469 - Unable to lookup user, group, netgroup aliases with case_sensitive=false [1.5.1-53] - Resolves: rhbz#826237 - sssd_be segfaulting with IPA backend [1.5.1-52] - Resolves: rhbz#817073 - sssd fails to use the last AD server if other AD servers are not reachable - Resolves: rhbz#828190 - Infinite loop checking Kerberos ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'sssd' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 3.7 CVSS Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0219 51928 http://secunia.com/advisories/51928 52315 http://secunia.com/advisories/52315 57539 http://www.securityfocus.com/bid/57539 FEDORA-2013-1795 http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098434.html FEDORA-2013-1826 http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098613.html RHSA-2013:0508 http://rhn.redhat.com/errata/RHSA-2013-0508.html RHSA-2013:1319 http://rhn.redhat.com/errata/RHSA-2013-1319.html http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9 http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37 https://bugzilla.redhat.com/show_bug.cgi?id=884254 https://fedorahosted.org/sssd/ticket/1782 https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4
Copyright	Copyright (C) 2015 Greenbone AG