rpms / sssd

Clone
Source Code
GIT

b1aca93 Resolves: upstream#3766 - CVE-2018-10852: information leak from the sssd-sudo responder

Authored and Committed by Fabiano FidĂȘncio 5 years ago
raw patch tree parent
21 files changed. 3480 lines added. 2 lines removed.
0001-krb5-locator-add-support-for-multiple-addresses.patch
file added
+468
0002-krb5-locator-fix-IPv6-support.patch
file added
+65
0003-krb5-locator-make-plugin-more-robust.patch
file added
+35
0004-krb5-locator-add-unit-tests.patch
file added
+724
0005-AD-IPA-Create-kdcinfo-file-for-sub-domains.patch
file added
+148
0006-krb5-refactor-removal-of-krb5info-files.patch
file added
+493
0007-krb5_common-add-callback-only-once.patch
file added
+86
0008-data-provider-run-offline-callbacks-only-once.patch
file added
+95
0009-TESTS-Extend-the-schema-with-sshPublicKey-attribute.patch
file added
+62
0010-TESTS-Allow-adding-sshPublicKey-for-users.patch
file added
+78
0011-TESTS-Add-a-basic-SSH-responder-test.patch
file added
+276
0012-SSH-Do-not-exit-abruptly-if-SSHD-closes-its-end-of-t.patch
file added
+88
0013-TESTS-Add-a-helper-binary-that-can-trigger-the-SIGPI.patch
file added
+213
0014-TESTS-Add-a-regression-test-for-SIGHUP-handling-in-s.patch
file added
+94
0015-Revert-LDAP-IPA-add-local-email-address-to-aliases.patch
file added
+141
0016-util-Remove-the-unused-function-is_email_from_domain.patch
file added
+117
0017-TESTS-Allow-storing-e-mail-address-for-users.patch
file added
+65
0018-TESTS-Add-regression-test-for-looking-up-users-with-.patch
file added
+93
0019-MAN-Remove-outdated-notes-from-the-re_expression-des.patch
file added
+47
0020-SUDO-Create-the-socket-with-stricter-permissions.patch
file added
+55
sssd.spec
file modified
+37 -2 
    Resolves: upstream#3766 - CVE-2018-10852: information leak from the sssd-sudo responder
    
    And also ...
    
    - Related: upstream#941 - return multiple server addresses to the Kerberos
                              locator plugin
    - Related: upstream#3652 - kdcinfo doesn't get populated for other domains
    - Resolves: upstream#3747 - sss_ssh_authorizedkeys exits abruptly if SSHD
                                closes its end of the pipe before reading all the
                                SSH keys
    - Resolves: upstream#3607 - Handle conflicting e-mail addresses more gracefully
    - Resolves: upstream#3754 - SSSD AD uses LDAP filter to detect POSIX attributes
                                stored in AD GC also for regular AD DC queries
    - Related: upstream#3219 - [RFE] Regular expression used in sssd.conf not being
                               able to consume an @-sign in the user/group name.
    
    Signed-off-by: Fabiano FidĂȘncio <fidencio@redhat.com>
    (cherry picked from commit 68ef824a5fc441c038a6791b7ef39941357a548b)
    (cherry picked from commit f311832a06a201ae94d57d80b9e1e84231208cd7)
file added
+468
file added
+65
file added
+35
file added
+724
file added
+148
file added
+493
file added
+86
file added
+95
file added
+62
file added
+78
file added
+276
file added
+88
file added
+213
file added
+94
file added
+141
file added
+117
file added
+65
file added
+93
file added
+47
file added
+55
file modified
+37 -2
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.