Debian Patches

Status for sssd/2.8.2-4+deb12u1

Patch Description Author Forwarded Bugs Origin Last update
fix-whitespace-test.diff diff --git a/src/tests/whitespace_test b/src/tests/whitespace_test
index f055ed4c2..fa95494be 100755		 no
default-to-socket-activated-services.diff no
fix-shebang-on-sss_analyze.patch Fix shebang on sss_analyze
s/python/python3/		 Sergio Durigan Junior <sergiodj@debian.org> not-needed 2022-06-22
0004-Makefile-Install-dbus-policy-in-usr-not-etc.patch Makefile: Install dbus policy in /usr, not /etc
From <https://bugs.debian.org/1006631>:

> dbus supports policy files in both `/usr/share/dbus-1/system.d` and
> `/etc/dbus-1/systemd`. [The] recently released dbus 1.14.0, officially
> deprecates installing packages' default policies into `/etc/dbus-1/systemd`,
> instead reserving it for the sysadmin. This is the same idea as the
> difference between `/usr/lib/udev/rules.d` and `/etc/udev/rules.d`.		 Gioele Barabucci <gioele@svario.it> yes 2023-02-18
CVE-2023-3758.patch ad-gpo: use hash to store intermediate results
Currently after the evaluation of a single GPO file the intermediate
results are stored in the cache and this cache entry is updated until
all applicable GPO files are evaluated. Finally the data in the cache is
used to make the decision of access is granted or rejected.

If there are two or more access-control request running in parallel one
request might overwrite the cache object with intermediate data while
another request reads the cached data for the access decision and as a
result will do this decision based on intermediate data.

To avoid this the intermediate results are not stored in the cache
anymore but in hash tables which are specific to the request. Only the
final result is written to the cache to have it available for offline
authentication.		 Sumit Bose <sbose@redhat.com> yes debian upstream https://github.com/SSSD/sssd/commit/f4ebe1408e0bc67abfbfb5f0ca2ea13803b36726 2023-11-08

All known versions for source package 'sssd'

Links