[ubuntu/impish-proposed] sssd 2.4.1-2ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Aug 18 13:48:13 UTC 2021 

sssd (2.4.1-2ubuntu3) impish; urgency=medium

  * SECURITY UPDATE: shell command injection in sssctl comment
    - debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
      avoid execution of user supplied command in
      src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
      src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
    - CVE-2021-3621

Date: Wed, 18 Aug 2021 08:13:38 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/sssd/2.4.1-2ubuntu3
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Aug 2021 08:13:38 -0400
Source: sssd
Built-For-Profiles: noudeb
Architecture: source
Version: 2.4.1-2ubuntu3
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 sssd (2.4.1-2ubuntu3) impish; urgency=medium
 .
   * SECURITY UPDATE: shell command injection in sssctl comment
     - debian/patches/CVE-2021-3621.patch: replace system() with execvp() to
       avoid execution of user supplied command in
       src/tools/sssctl/sssctl.c, src/tools/sssctl/sssctl.h,
       src/tools/sssctl/sssctl_data.c, src/tools/sssctl/sssctl_logs.c.
     - CVE-2021-3621
Checksums-Sha1:
 9ed58205dc308621707462e4ce8ad4bc3ae64ffb 5208 sssd_2.4.1-2ubuntu3.dsc
 6875c8512b163b7742307b87bce84d4ea6328d61 39032 sssd_2.4.1-2ubuntu3.debian.tar.xz
 c10beb4e7ce36a9e25d9b06248a96110a43f3de3 12992 sssd_2.4.1-2ubuntu3_source.buildinfo
Checksums-Sha256:
 4197042ca27bcfa528cde4b9a53e26f4c22e210ce21160144811f176b0c36b30 5208 sssd_2.4.1-2ubuntu3.dsc
 c660109c6523eb4313e608c0e079830dd202ee21e7a4198c679f9bdf6afc3502 39032 sssd_2.4.1-2ubuntu3.debian.tar.xz
 e705e0d297476cdb9bc01c66ce8a5ff1eb97e04c53587b4b1faf1be4857f7264 12992 sssd_2.4.1-2ubuntu3_source.buildinfo
Files:
 6a105a0fad9725b4ef6aee00fb5eeef3 5208 utils optional sssd_2.4.1-2ubuntu3.dsc
 40e44509ea4656f5f67be6d8b20275b4 39032 utils optional sssd_2.4.1-2ubuntu3.debian.tar.xz
 34daf17248e30c9f52bcef3512a201cf 12992 utils optional sssd_2.4.1-2ubuntu3_source.buildinfo
Original-Maintainer: Debian SSSD Team <pkg-sssd-devel at alioth-lists.debian.net>

More information about the impish-changes mailing list