Package "libsss-certmap0"

  sssd (2.6.3-1ubuntu3.4) jammy; urgency=medium

  * Improve PAM smartcard support for everyday scenarios such as
    removing the smartcard mid auth, by actually respecting
    require_cert_auth and improving the messaging to the user.
    (LP: #2081129)
    - d/p/lp2081129-1-pam-add-more-checks-for-require_cert_auth.patch
    - d/p/lp2081129-2-pam-better-SC-fallback-message.patch

 -- Matthew Ruffell <email address hidden> Mon, 16 Sep 2024 15:22:16 +1200

  sssd (2.6.3-1ubuntu3.3) jammy-security; urgency=medium

  * SECURITY UPDATE: race when GPO policy is being applied
    - debian/patches/CVE-2023-3758.patch: use hash to store intermediate
      results in src/providers/ad/ad_gpo.c.
    - CVE-2023-3758

 -- Marc Deslauriers <email address hidden> Fri, 07 Jun 2024 10:54:47 -0400

  sssd (2.6.3-1ubuntu3.2) jammy; urgency=medium

  * d/p/initialize-uid-gid-main-functions.patch: Initialize UID/GID
    variables in "main" functions, preventing inadvertent changes in
    p11_child.log file permissions. (LP: #1989356)

 -- Sergio Durigan Junior <email address hidden> Tue, 04 Oct 2022 19:04:33 -0400

  sssd (2.6.3-1ubuntu3.1) jammy; urgency=medium

  * d/p/lp1934997-authentication-fails-gpo-non-existent.patch:
    Fix authentication failure when GPO is enabled and
    SecEdit/GptTmpl.inf is missing (LP: #1934997).
  * d/p/lp1979350-GPO-ignore-non-ascii-symbols-in-GPT.INI.patch:
    Ignore non-ASCII characters in GPT.INI. (LP: #1979350)
  * Fix "sssctl analyze" (LP: #1979453)
    [ Timo Aaltonen ]
    - d/{python3-libipa-hbac.install,python3-sss.install,
      sssd-tools.install,rules}: Fix Python installation directory
      path.
    [ Sergio Durigan Junior ]
    - d/p/lp1979453-fix-shebang-on-sss_analyze.patch: Fix shebang on
      sss_analyze.

 -- Sergio Durigan Junior <email address hidden> Wed, 22 Jun 2022 12:31:22 -0400