Synopsis: Moderate: ipa security and bug fix update
Advisory ID: SLSA-2021:0860-1
Issue Date: 2021-03-16
CVE Numbers: CVE-2020-11023
—
Security Fix(es):
* jquery: Passing HTML containing
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
Bug Fix(es):
* cannot issue certs with multiple IP addresses corresponding to different
hosts
* CA-less install does not set required permissions on KDC certificate
* IdM Web UI shows users as disabled
* Authentication and login times are over several seconds due to unindexed
ipaExternalMember
* improve IPA PKI susbsystem detection by other means than a directory
presence, use pki-server subsystem-find
* IPA WebUI inaccessible after upgrading to SL 8.3 – idoverride-
memberof.js missing
—
SL7
x86_64
ipa-client-4.6.8-5.el7_9.4.x86_64.rpm
ipa-debuginfo-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-4.6.8-5.el7_9.4.x86_64.rpm
ipa-server-trust-ad-4.6.8-5.el7_9.4.x86_64.rpm
noarch
ipa-client-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-python-compat-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaclient-4.6.8-5.el7_9.4.noarch.rpm
python2-ipalib-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-common-4.6.8-5.el7_9.4.noarch.rpm
ipa-server-dns-4.6.8-5.el7_9.4.noarch.rpm
python2-ipaserver-4.6.8-5.el7_9.4.noarch.rpm
– Scientific Linux Development Team
