realmd (SL7)

Synopsis: Moderate: realmd security, bug fix, and enhancement update
Advisory ID: SLSA-2015:2184-7
Issue Date: 2015-11-19
CVE Numbers: CVE-2015-2704

A flaw was found in the way realmd parsed certain input when writing
configuration into the sssd.conf or smb.conf file. A remote attacker could
use this flaw to inject arbitrary configurations into these files via a
newline character in an LDAP response. (CVE-2015-2704)
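The injection pattern behind CVE-2015-2704 is easy to reproduce in miniature: a value copied from an untrusted directory response is written into an INI-style file, and an embedded line break lets it start a new key (or a new section). The example below is added here and is not realmd's code; it uses a constructed sssd.conf fragment, a constructed hostile value, and the function names write_value_vulnerable, write_value_hardened and validate_config_value, all of which are assumptions for illustration. It shows the vulnerable writer producing an extra setting that the config parser then accepts, and the hardened writer rejecting the same value before anything is written.

```python
"""Newline injection into an INI-style config file (the CVE-2015-2704
pattern) on a constructed sssd.conf fragment.  Added example code, not
part of realmd; all names and sample values below are constructed."""
import configparser
import re

# A single INI value must never contain CR, LF or any other C0 control
# character: once written, such a value would span more than one line and
# the extra lines are parsed as new keys or sections.
_FORBIDDEN = re.compile(r"[\x00-\x1f\x7f]")

# Constructed stand-in for the sssd.conf that realmd writes during a join.
BASE_CONFIG = (
    "[sssd]\n"
    "services = nss, pam\n"
    "domains = example.com\n"
    "\n"
    "[domain/example.com]\n"
    "id_provider = ad\n"
)


def _insert_line(config_text, section, line):
    """Insert one line at the end of an existing [section]."""
    lines = config_text.splitlines(keepends=True)
    header = f"[{section}]"
    start = next(i for i, l in enumerate(lines) if l.strip() == header)
    end = start + 1
    while end < len(lines) and not lines[end].startswith("["):
        end += 1
    # Keep blank lines that separate sections below the new line.
    while end > start + 1 and lines[end - 1].strip() == "":
        end -= 1
    lines.insert(end, line)
    return "".join(lines)


def write_value_vulnerable(config_text, section, key, value):
    """Write key = value without validating the value (the flawed pattern)."""
    return _insert_line(config_text, section, f"{key} = {value}\n")


def validate_config_value(value):
    """Accept only a value that fits on exactly one line of the file."""
    if _FORBIDDEN.search(value):
        raise ValueError("control character in configuration value")
    if value != value.strip():
        raise ValueError("leading or trailing whitespace in configuration value")
    return value


def write_value_hardened(config_text, section, key, value):
    """Write key = value only after the value has passed validation."""
    return _insert_line(config_text, section, f"{key} = {validate_config_value(value)}\n")


def parse(config_text):
    """Parse the written file the way a consumer would, as nested dicts."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(config_text)
    return {s: dict(cp[s]) for s in cp.sections()}


def demo():
    """Return (parsed vulnerable output, whether the hardened writer refused)."""
    # Constructed value standing in for a directory attribute copied into the
    # domain section; the embedded newline is the vector the advisory names.
    hostile = "EXAMPLE.COM\ninjected_setting = from_ldap"
    vulnerable = parse(
        write_value_vulnerable(BASE_CONFIG, "domain/example.com", "krb5_realm", hostile)
    )
    try:
        write_value_hardened(BASE_CONFIG, "domain/example.com", "krb5_realm", hostile)
        hardened_rejected = False
    except ValueError:
        hardened_rejected = True
    return vulnerable, hardened_rejected


if __name__ == "__main__":
    parsed, rejected = demo()
    print("vulnerable writer produced:", parsed["domain/example.com"])
    print("hardened writer rejected the value:", rejected)
```

Rejecting the value outright, rather than escaping it, is the right choice here: sssd.conf and smb.conf have no quoting syntax that reliably preserves a multi-line value, and a realm or domain name legitimately never contains a control character, so refusing the join is safer than guessing at an encoding.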

It was found that the realm client would try to automatically join an
Active Directory domain without authentication, which could potentially
lead to privilege escalation within a specified domain.

The realmd packages have been upgraded to upstream version 0.16.1, which
provides a number of bug fixes and enhancements over the previous version.

This update also fixes the following bugs:

* Joining a Scientific Linux machine to a domain using the realm utility
creates /home/domainname/[username]/ directories for domain users.
Previously, SELinux labeled the domain users’ directories incorrectly. As
a consequence, the domain users sometimes experienced problems with
SELinux policy. This update modifies the realmd service default behavior
so that the domain users’ directories are compatible with the standard
SELinux policy.

* Previously, the realm utility was unable to join or discover domains
with domain names containing underscore (_). The realmd service has been
modified to process underscores in domain names correctly, which fixes the
described bug.

In addition, this update adds the following enhancement:

* The realmd utility now allows the user to disable automatic ID mapping
from the command line. To disable the mapping, pass the
"--automatic-id-mapping=no" option to the realmd utility.


– Scientific Linux Development Team