Information on source package sssd

Available versions

ReleaseVersion
stretch1.15.0-3+deb9u1
stretch (security)1.15.0-3+deb9u2
buster1.16.3-3.2
bullseye2.4.1-2
bookworm2.4.1-2
sid2.5.2-3

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2021-3621fixedvulnerablevulnerablevulnerablefixedshell command injection in sssctl
CVE-2019-3811vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA vulnerability was found in sssd. If a user was configured with no ho ...
CVE-2018-16883vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedsssd versions from 1.13.0 to before 2.0.0 did not properly restrict ac ...
CVE-2018-16838vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA flaw was found in sssd Group Policy Objects implementation. When the ...
CVE-2018-10852vulnerable (no DSA)fixedfixedfixedfixedThe UNIX pipe which sudo uses to contact SSSD and read the available s ...

Resolved issues

BugDescription
CVE-2017-12173It was found that sssd's sysdb_search_user_by_upn_res() function befor ...
CVE-2015-5292Memory leak in the Privilege Attribute Certificate (PAC) responder plu ...
CVE-2014-0249The System Security Services Daemon (SSSD) 1.11.6 does not properly id ...
CVE-2013-0287The Simple Access Provider in System Security Services Daemon (SSSD) 1 ...
CVE-2013-0220The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomnt ...
CVE-2013-0219System Security Services Daemon (SSSD) before 1.9.4, when (1) creating ...
CVE-2012-3462A flaw was found in SSSD version 1.9.0. The SSSD's access-provider log ...
CVE-2011-1758The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in Sy ...
CVE-2010-4341The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in ...
CVE-2010-2940The auth_send function in providers/ldap/ldap_auth.c in System Securit ...
CVE-2010-0014System Security Services Daemon (SSSD) before 1.0.1, when the krb5 aut ...
CVE-2009-2410The local_handler_callback function in server/responder/pam/pam_LOCAL_ ...

Security announcements

DSA / DLADescription
DLA-2758-1sssd - security update
DLA-1635-1sssd - security update
DLA-1429-1sssd - security update

Search for package or bug name: Reporting problems