CentOS Project: CESA-2018:1877
Jun 21, 2018 - 11:55 a.m.

libbasicobjects, libcollection, libdhash, libini_config, libipa_hbac, libpath_utils, libref_array, libsss_idmap, libsss_nss_idmap, libsss_simpleifp, python, sssd security update

2018-06-21 11:55:11
CentOS Project
lists.centos.org

CVSS2: 4 Medium

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3: 8.8 High

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 8.7 High (Confidence: High)

EPSS: 0.002 Low (Percentile: 53.4%)

CentOS Errata and Security Advisory CESA-2018:1877

The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

The ding-libs packages contain a set of libraries used by the System Security Services Daemon (SSSD) as well as other projects, and provide functions to manipulate file system path names (libpath_utils), a hash table to manage storage and access time properties (libdhash), a data type to collect data in a hierarchical structure (libcollection), a dynamically growing, reference-counted array (libref_array), and a library to process configuration files in initialization format (INI) into a library collection data structure (libini_config).

Security Fix(es):

  • sssd: unsanitized input when searching in local cache database (CVE-2017-12173)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by Sumit Bose (Red Hat).

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.10 Release Notes and Red Hat Enterprise Linux 6.10 Technical Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2018-June/031515.html
https://lists.centos.org/pipermail/centos-cr-announce/2018-June/031570.html

Affected packages:
libbasicobjects
libbasicobjects-devel
libcollection
libcollection-devel
libdhash
libdhash-devel
libini_config
libini_config-devel
libipa_hbac
libipa_hbac-devel
libpath_utils
libpath_utils-devel
libref_array
libref_array-devel
libsss_idmap
libsss_idmap-devel
libsss_nss_idmap
libsss_nss_idmap-devel
libsss_simpleifp
libsss_simpleifp-devel
python-libipa_hbac
python-libsss_nss_idmap
python-sss
python-sss-murmur
python-sssdconfig
sssd
sssd-ad
sssd-client
sssd-common
sssd-common-pac
sssd-dbus
sssd-ipa
sssd-krb5
sssd-krb5-common
sssd-ldap
sssd-proxy
sssd-tools

Upstream details at:
https://access.redhat.com/errata/RHSA-2018:1877
