10 Commits

Author SHA1 Message Date
Hitendra Prajapati ecdd682b92 sssd: Fix CVE-2023-3758
A race condition flaw was found in sssd where the GPO policy is
not consistently applied for authenticated users. This may lead
to improper authorization issues, granting or denying access to
resources inappropriately.

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-3758

Upstream-patch:
https://github.com/SSSD/sssd/commit/f4ebe1408e0bc67abfbfb5f0ca2ea13803b36726

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-07-29 20:07:01 -04:00
Changqing Li ceb47a8a39 recipes: WORKDIR -> UNPACKDIR transition
* WORKDIR -> UNPACKDIR transition
* Switch away from S = WORKDIR

Signed-off-by: Changqing Li <changqing.li@windriver.com>
[Fixed up the smack changes due to prior patch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-06-17 08:25:25 -04:00
Gael PORTAY 0883649439 sssd: remove duplicate option --without-python2-bindings
The option --without-python2-bindings was added twice, by the commit
4375507f39, and then after python2 was
deprecated with the commit 96737082ad.

This removes the latter.

Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2024-06-17 08:25:25 -04:00
Armin Kuster ff8d871caf sssd: Update to 2.9.2
fixes musl build regarding time structs.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-09-25 09:45:11 -04:00
Kai Kang 782251aa8f sssd: 2.7.4 -> 2.9.1
Update sssd from 2.7.4 to 2.9.1.

* backport patch to fix interpreter of script sss_analyze
* add runtime dependency python3-systemd when systemd is enabled
* update FILES

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-08-06 11:31:18 -04:00
Armin Kuster 8a4ed4034f update sssd to 2.7.4
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2022-09-12 11:11:50 -04:00
Upgrade Helper 2ca0809282 sssd: upgrade 2.7.1 -> 2.7.3
add UPSTREAM_CHECK_URI
2022-07-30 14:11:27 -07:00
Armin Kuster caadc8672b sssd: update to 2.7.1
drop CVE-2021-3621.patch
refresh a few patches

fixup configure-unsafe globally via sed in build.m4

=== test
RESULTS - sssd.SSSDTest.test_sssd_help: PASSED (1.70s)
RESULTS - sssd.SSSDTest.test_sssd_sssctl_conf_perms_chk: PASSED (2.71s)
RESULTS - sssd.SSSDTest.test_sssd_sssctl_deamon: PASSED (2.07s)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2022-06-18 06:48:22 -07:00
Armin Kuster 23d501eb70 sssd: use example conf file
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2022-06-18 06:48:22 -07:00
Armin Kuster db3a3e87a6 sssd:move to dynamic networking-layer
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2022-06-18 06:48:22 -07:00