An update that solves one vulnerability and has four fixes
is now available.
Description:
This update for sssd fixes the following issues:
CVE-2021-3621: Fixed shell command injection in sssctl via the
logs-fetch and cache-expire subcommand (bsc#1189492).
Add ‘ldap_ignore_unreadable_references’ parameter to skip unreadable
objects referenced by ‘member’ attributte (bsc#1190775)
Fix 32-bit libraries package. Libraries were moved from sssd to
sssd-common but baselibs.conf was not updated accordingly (bsc#1182058,
bsc#1196166)
Remove caches only when performing a package downgrade. The sssd daemon
takes care of upgrading the database format when necessary (bsc#1195552)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2763=1
SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2763=1