Information on source package sssd

Available versions

ReleaseVersion
jessie1.11.7-3
jessie (security)1.11.7-3+deb8u2
stretch1.15.0-3
buster1.16.3-3.1
sid1.16.3-3.1

Open issues

BugjessiestretchbustersidDescription
CVE-2019-3811fixedvulnerablevulnerablevulnerableA vulnerability was found in sssd. If a user was configured with no ho ...
CVE-2018-16883fixedvulnerable (no DSA)vulnerablevulnerablesssd versions from 1.13.0 to before 2.0.0 did not properly restrict ac ...
CVE-2018-16838fixedvulnerablevulnerablevulnerableA flaw was found in sssd Group Policy Objects implementation. When the ...
CVE-2018-10852fixedvulnerablevulnerablevulnerableThe UNIX pipe which sudo uses to contact SSSD and read the available s ...
CVE-2017-12173fixedvulnerablefixedfixedIt was found that sssd's sysdb_search_user_by_upn_res() function befor ...
CVE-2015-5292vulnerable (no DSA)fixedfixedfixedMemory leak in the Privilege Attribute Certificate (PAC) responder plu ...

Resolved issues

BugDescription
CVE-2014-0249The System Security Services Daemon (SSSD) 1.11.6 does not properly id ...
CVE-2013-0287The Simple Access Provider in System Security Services Daemon (SSSD) 1 ...
CVE-2013-0220The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomnt ...
CVE-2013-0219System Security Services Daemon (SSSD) before 1.9.4, when (1) creating ...
CVE-2011-1758The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in Sy ...
CVE-2010-4341The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...
CVE-2010-2940The auth_send function in providers/ldap/ldap_auth.c in System Securit ...
CVE-2010-0014System Security Services Daemon (SSSD) before 1.0.1, when the krb5 aut ...
CVE-2009-2410The local_handler_callback function in server/responder/pam/pam_LOCAL_ ...

Security announcements

DSA / DLADescription
DLA-1635-1sssd - security update
DLA-1429-1sssd - security update

Search for package or bug name: Reporting problems