UbuntuUpdates.org

Package "libsss-certmap0"

Name: libsss-certmap0

Description:

Certificate mapping library for SSSD
Latest version: 2.6.3-1ubuntu3.5
Release: jammy (22.04)
Level: updates
Repository: main
Head package: sssd
Homepage: https://github.com/SSSD/sssd

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libsss-certmap0"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libsss-certmap0" in Jammy

Repository Area Version
base main 2.6.3-1ubuntu3
security main 2.6.3-1ubuntu3.3

Changelog

Version: 2.6.3-1ubuntu3.5 2025-04-23 15:07:22 UTC

  sssd (2.6.3-1ubuntu3.5) jammy; urgency=medium

  * Fix a regression in pam_sss_gss where if KRB5CCNAME was
    not set, authentication would fail. (LP: #2103623)
    - d/p/lp2103623-pam_sss_gss-KRB5CCNAME-may-be-NULL.patch

 -- Matthew Ruffell <email address hidden> Fri, 21 Mar 2025 10:11:12 +1300
Source diff to previous version
2103623 pam_sss_gss fails to work when KRB5CCNAME is not set

Version: 2.6.3-1ubuntu3.4 2024-11-05 14:07:15 UTC

  sssd (2.6.3-1ubuntu3.4) jammy; urgency=medium

  * Improve PAM smartcard support for everyday scenarios such as
    removing the smartcard mid auth, by actually respecting
    require_cert_auth and improving the messaging to the user.
    (LP: #2081129)
    - d/p/lp2081129-1-pam-add-more-checks-for-require_cert_auth.patch
    - d/p/lp2081129-2-pam-better-SC-fallback-message.patch

 -- Matthew Ruffell <email address hidden> Mon, 16 Sep 2024 15:22:16 +1200
Source diff to previous version
2081129 libpam-sss: require_cert_auth is not absolute, will fall back to password auth on smartcard removal

Version: 2.6.3-1ubuntu3.3 2024-06-17 16:07:27 UTC

  sssd (2.6.3-1ubuntu3.3) jammy-security; urgency=medium

  * SECURITY UPDATE: race when GPO policy is being applied
    - debian/patches/CVE-2023-3758.patch: use hash to store intermediate
      results in src/providers/ad/ad_gpo.c.
    - CVE-2023-3758

 -- Marc Deslauriers <email address hidden> Fri, 07 Jun 2024 10:54:47 -0400
Source diff to previous version
CVE-2023-3758 A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authoriza

Version: 2.6.3-1ubuntu3.2 2022-10-25 10:07:20 UTC

  sssd (2.6.3-1ubuntu3.2) jammy; urgency=medium

  * d/p/initialize-uid-gid-main-functions.patch: Initialize UID/GID
    variables in "main" functions, preventing inadvertent changes in
    p11_child.log file permissions. (LP: #1989356)

 -- Sergio Durigan Junior <email address hidden> Tue, 04 Oct 2022 19:04:33 -0400
Source diff to previous version
1989356 pam_sss messes up existing /var/log/sssd/p11_child.log permissions

Version: 2.6.3-1ubuntu3.1 2022-07-13 01:07:11 UTC

  sssd (2.6.3-1ubuntu3.1) jammy; urgency=medium

  * d/p/lp1934997-authentication-fails-gpo-non-existent.patch:
    Fix authentication failure when GPO is enabled and
    SecEdit/GptTmpl.inf is missing (LP: #1934997).
  * d/p/lp1979350-GPO-ignore-non-ascii-symbols-in-GPT.INI.patch:
    Ignore non-ASCII characters in GPT.INI. (LP: #1979350)
  * Fix "sssctl analyze" (LP: #1979453)
    [ Timo Aaltonen ]
    - d/{python3-libipa-hbac.install,python3-sss.install,
      sssd-tools.install,rules}: Fix Python installation directory
      path.
    [ Sergio Durigan Junior ]
    - d/p/lp1979453-fix-shebang-on-sss_analyze.patch: Fix shebang on
      sss_analyze.

 -- Sergio Durigan Junior <email address hidden> Wed, 22 Jun 2022 12:31:22 -0400
1934997 Authentication fails after upgrading sssd to 2.2.3-3ubuntu0.6
1979350 sssd can't parse GPT.INI if it contains non-ASCII characters
1979453 Wrong installation path for the sssd Python module


About   -   Send Feedback to @ubuntu_updates