sssd - Debian Package Tracker

general

source: sssd (main)
version: 2.5.2-1
maintainer: Debian SSSD Team (archive) (DMD)
uploaders: Timo Aaltonen [DMD] – Dominik George [DMD]
arch: any
std-ver: 4.4.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.15.0-3+deb9u1
o-o-sec: 1.15.0-3+deb9u2
oldstable: 1.16.3-3.2
stable: 2.4.1-2
testing: 2.4.1-2
unstable: 2.5.2-1

versioned links

1.15.0-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.15.0-3+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16.3-3.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libipa-hbac-dev
libipa-hbac0
libnss-sss (1 bugs: 0, 1, 0, 0)
libpam-sss (1 bugs: 0, 1, 0, 0)
libsss-certmap-dev
libsss-certmap0
libsss-idmap-dev
libsss-idmap0
libsss-nss-idmap-dev
libsss-nss-idmap0
libsss-simpleifp-dev
libsss-simpleifp0
libsss-sudo (3 bugs: 0, 3, 0, 0)
python3-libipa-hbac
python3-libsss-nss-idmap
python3-sss
sssd (23 bugs: 0, 23, 0, 0)
sssd-ad (1 bugs: 0, 1, 0, 0)
sssd-ad-common
sssd-common (3 bugs: 0, 2, 1, 0)
sssd-dbus
sssd-ipa
sssd-kcm
sssd-krb5 (1 bugs: 0, 1, 0, 0)
sssd-krb5-common
sssd-ldap (1 bugs: 0, 1, 0, 0)
sssd-proxy
sssd-tools

action needed

Marked for autoremoval on 16 October: #978904, #992710 high

Version 2.4.1-2 of sssd is marked for autoremoval from testing on Sat 16 Oct 2021. It is affected by #978904, #992710. The removal of sssd will also cause the removal of (transitive) reverse dependencies: autofs, slapi-nis. You should try to prevent the removal by fixing these RC bugs.

Created: 2021-08-24 Last update: 2021-09-20 08:35

4 security issues in buster high

There are 4 open security issues in buster.

1 important issue:

CVE-2021-3621:

3 issues left for the package maintainer to handle:

CVE-2018-16838: (needs triaging) A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
CVE-2018-16883: (needs triaging) sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.
CVE-2019-3811: (needs triaging) A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-09-16 19:31

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2021-3621:

Created: 2021-08-17 Last update: 2021-09-16 19:31

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2021-3621:

Created: 2021-08-17 Last update: 2021-09-16 19:31

lintian reports 9 errors and 12 warnings high

Lintian reports 9 errors and 12 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-04-11 Last update: 2021-09-06 18:35

Depends on packages which need a new maintainer normal

The packages that sssd depends on which need a new maintainer are:

docbook-xml (#802368)
- Build-Depends: docbook-xml
docbook-xsl (#802370)
- Build-Depends: docbook-xsl
libnfsidmap (#925022)
- Build-Depends: libnfsidmap-dev
- Depends: libnfsidmap2
xml-core (#660687)
- Build-Depends: xml-core

Created: 2019-11-22 Last update: 2021-09-20 10:01

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2021-08-14 Last update: 2021-09-20 08:32

Multiarch hinter reports 16 issue(s) normal

There are issues with the multiarch metadata for this package.

libipa-hbac-dev could be marked Multi-Arch: same
libipa-hbac0 could be marked Multi-Arch: same
libsss-certmap-dev could be marked Multi-Arch: same
libsss-certmap0 could be marked Multi-Arch: same
libsss-idmap-dev could be marked Multi-Arch: same
libsss-idmap0 could be marked Multi-Arch: same
libsss-nss-idmap-dev could be marked Multi-Arch: same
libsss-nss-idmap0 could be marked Multi-Arch: same
libsss-simpleifp-dev could be marked Multi-Arch: same
libsss-simpleifp0 could be marked Multi-Arch: same
libwbclient-sssd could be marked Multi-Arch: same
libwbclient-sssd-dev could be marked Multi-Arch: same
python3-libipa-hbac could be marked Multi-Arch: same
python3-libsss-nss-idmap could be marked Multi-Arch: same
sssd-krb5 could be marked Multi-Arch: same
sssd-ldap could be marked Multi-Arch: same

Created: 2020-12-11 Last update: 2021-09-20 05:41

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2021-09-12 Last update: 2021-09-20 05:40

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.4.0).

Created: 2019-09-29 Last update: 2021-09-16 16:08

testing migrations

This package will soon be part of the auto-openldap transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-libsemanage transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- Migration status for sssd (2.4.1-2 to 2.5.2-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating sssd introduces new bugs: #994479
- missing build on amd64
- missing build on arm64
- missing build on armel
- missing build on armhf
- missing build on i386
- missing build on mips64el
- missing build on mipsel
- missing build on ppc64el
- missing build on s390x
- arch:amd64 not built yet, autopkgtest delayed there
- arch:arm64 not built yet, autopkgtest delayed there
- arch:armhf not built yet, autopkgtest delayed there
- arch:i386 not built yet, autopkgtest delayed there
- arch:ppc64el not built yet, autopkgtest delayed there
- Too young, only 4 of 5 days old
- Additional info:
- Updating sssd fixes old bugs: #978904, #992710
- Piuparts tested OK - https://piuparts.debian.org/sid/source/s/sssd.html
- Not considered

news

[rss feed]

[2021-09-16] Accepted sssd 2.5.2-1 (source) into unstable (Timo Aaltonen)
[2021-09-15] Accepted sssd 1.15.0-3+deb9u2 (source) into oldoldstable (Anton Gladky)
[2021-02-12] sssd 2.4.1-2 MIGRATED to testing (Debian testing watch)
[2021-02-10] Accepted sssd 2.4.1-2 (source) into unstable (Timo Aaltonen)
[2021-02-10] Accepted sssd 2.4.1-1 (source) into unstable (Timo Aaltonen)
[2020-12-11] sssd 2.4.0-1 MIGRATED to testing (Debian testing watch)
[2020-12-08] Accepted sssd 2.4.0-1 (source) into unstable (Timo Aaltonen)
[2020-10-08] sssd 2.3.1-3 MIGRATED to testing (Debian testing watch)
[2020-10-06] Accepted sssd 2.3.1-3 (source) into unstable (Timo Aaltonen)
[2020-09-19] sssd 2.3.1-2 MIGRATED to testing (Debian testing watch)
[2020-09-17] Accepted sssd 2.3.1-2 (source) into unstable (Timo Aaltonen)
[2020-08-01] sssd 2.3.1-1 MIGRATED to testing (Debian testing watch)
[2020-07-28] Accepted sssd 2.3.1-1 (source) into unstable (Timo Aaltonen)
[2020-07-16] sssd 2.3.0-2 MIGRATED to testing (Debian testing watch)
[2020-07-13] Accepted sssd 2.3.0-2 (source) into unstable (Timo Aaltonen)
[2020-07-13] Accepted sssd 2.3.0-1 (source) into unstable (Timo Aaltonen)
[2020-04-23] sssd 2.2.3-3 MIGRATED to testing (Debian testing watch)
[2020-04-20] Accepted sssd 2.2.3-3 (source) into unstable (Timo Aaltonen)
[2020-03-28] sssd 2.2.3-2 MIGRATED to testing (Debian testing watch)
[2020-03-06] Accepted sssd 2.2.3-2 (source) into unstable (Timo Aaltonen)
[2020-03-05] Accepted sssd 1.16.3-3.2 (source amd64) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Thorsten Glaser)
[2020-02-23] sssd 2.2.3-1.1 MIGRATED to testing (Debian testing watch)
[2020-02-21] Accepted sssd 2.2.3-1.1 (source) into unstable (Thorsten Glaser)
[2020-02-20] Accepted sssd 2.2.3-1 (source) into unstable (Timo Aaltonen)
[2020-01-12] Accepted sssd 1.15.0-3+deb9u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2019-10-07] sssd 2.2.2-1 MIGRATED to testing (Debian testing watch)
[2019-09-18] Accepted sssd 2.2.2-1 (source) into unstable (Timo Aaltonen)
[2019-07-23] sssd 2.2.0-4 MIGRATED to testing (Debian testing watch)
[2019-07-19] Accepted sssd 2.2.0-4 (source) into unstable (Timo Aaltonen)
[2019-07-12] Accepted sssd 2.2.0-3 (source) into unstable (Timo Aaltonen)

bugs [bug history graph]

all: 38 39
RC: 1
I&N: 35
M&W: 2 3
F&P: 0
patch: 2

links

homepage
lintian (9, 12)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (26, 48)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.4.1-2ubuntu4
28 bugs
patches for 2.4.1-2ubuntu4