Skip to content

sssd-1.16.5
Compare
Choose a tag to compare
@pbrezina pbrezina released this 16 Apr 09:01
· 3246 commits to master since this release
sssd-1_16_5
This tag was signed with the committer’s verified signature. The key has expired.
mzidek-gh
GPG key ID: BA88000FE6398272
Expired
Learn about vigilant mode.
c2053e9

SSSD 1.16.5

Highlights

New Features

  • New option ad_gpo_ignore_unreadable was added that allows SSSD to ignore unreadable GPO containers in AD.
  • It is possible to configure auto_private_groups per subdomain or with subdomain_inherit.

Security issues fixed

  • A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access. (CVE-2018-16838)

Notable bug fixes

  • Multiple URI specified in ldap_uri did not work properly if they differed only in port number.
  • Several issues with SUDO rules processing have been fixed.
  • SSSD sometimes incorrectly started in offline mode. This was fixed.
  • Issue with missing nested groups after add/remove operation on the sever was fixed.
  • A use-after-free error causing SSSD service to crash was fixed.

See full release notes here.

Assets 5
Loading