Debian Package Tracker
Register | Log in
Subscribe

sssd

System Security Services Daemon -- metapackage

Choose email to subscribe with

general
  • source: sssd (main)
  • version: 2.4.0-1
  • maintainer: Debian SSSD Team (archive) (DMD)
  • uploaders: Timo Aaltonen [DMD] – Dominik George [DMD]
  • arch: any
  • std-ver: 4.4.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.11.7-3
  • o-o-sec: 1.11.7-3+deb8u2
  • oldstable: 1.15.0-3+deb9u1
  • stable: 1.16.3-3.2
  • testing: 2.4.0-1
  • unstable: 2.4.0-1
versioned links
  • 1.11.7-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.11.7-3+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.15.0-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.16.3-3.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.4.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libipa-hbac-dev
  • libipa-hbac0
  • libnss-sss (1 bugs: 0, 1, 0, 0)
  • libpam-sss (1 bugs: 0, 1, 0, 0)
  • libsss-certmap-dev
  • libsss-certmap0
  • libsss-idmap-dev
  • libsss-idmap0
  • libsss-nss-idmap-dev
  • libsss-nss-idmap0
  • libsss-simpleifp-dev
  • libsss-simpleifp0
  • libsss-sudo (3 bugs: 0, 3, 0, 0)
  • libwbclient-sssd
  • libwbclient-sssd-dev
  • python3-libipa-hbac
  • python3-libsss-nss-idmap
  • python3-sss
  • sssd (24 bugs: 0, 24, 0, 0)
  • sssd-ad (1 bugs: 0, 1, 0, 0)
  • sssd-ad-common
  • sssd-common (2 bugs: 0, 2, 0, 0)
  • sssd-dbus
  • sssd-ipa
  • sssd-kcm (1 bugs: 0, 1, 0, 0)
  • sssd-krb5 (3 bugs: 0, 3, 0, 0)
  • sssd-krb5-common
  • sssd-ldap (1 bugs: 0, 1, 0, 0)
  • sssd-proxy
  • sssd-tools
action needed
3 bugs tagged patch in the BTS normal
The BTS contains patches fixing 3 bugs, consider including or untagging them.
Created: 2020-10-19 Last update: 2021-01-24 21:32
Depends on packages which need a new maintainer normal
The packages that sssd depends on which need a new maintainer are:
  • docbook-xml (#802368)
    • Build-Depends: docbook-xml
  • docbook-xsl (#802370)
    • Build-Depends: docbook-xsl
  • libnfsidmap (#925022)
    • Build-Depends: libnfsidmap-dev
    • Depends: libnfsidmap2
  • xml-core (#660687)
    • Build-Depends: xml-core
Created: 2019-11-22 Last update: 2021-01-24 20:37
Multiarch hinter reports 16 issue(s) normal
There are issues with the multiarch metadata for this package.
  • libipa-hbac-dev could be marked Multi-Arch: same
  • libipa-hbac0 could be marked Multi-Arch: same
  • libsss-certmap-dev could be marked Multi-Arch: same
  • libsss-certmap0 could be marked Multi-Arch: same
  • libsss-idmap-dev could be marked Multi-Arch: same
  • libsss-idmap0 could be marked Multi-Arch: same
  • libsss-nss-idmap-dev could be marked Multi-Arch: same
  • libsss-nss-idmap0 could be marked Multi-Arch: same
  • libsss-simpleifp-dev could be marked Multi-Arch: same
  • libsss-simpleifp0 could be marked Multi-Arch: same
  • libwbclient-sssd could be marked Multi-Arch: same
  • libwbclient-sssd-dev could be marked Multi-Arch: same
  • python3-libipa-hbac could be marked Multi-Arch: same
  • python3-libsss-nss-idmap could be marked Multi-Arch: same
  • sssd-krb5 could be marked Multi-Arch: same
  • sssd-ldap could be marked Multi-Arch: same
Created: 2020-12-11 Last update: 2021-01-24 18:33
version in VCS is newer than in repository, is it time to upload? normal
vcswatch reports that this package seems to have a new changelog entry (version 2.4.0-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:
commit 33e94cc5761b1448dcb027884dee03d65d29ea13
Author: Marco Trevisan (Treviño) <mail@3v1n0.net>
Date:   Wed Dec 16 17:52:02 2020 +0100

    debian/changelog: Update

commit c56c71f7f4bec23a14b67f348cd0941ab91a7761
Author: Marco Trevisan (Treviño) <mail@3v1n0.net>
Date:   Wed Dec 16 17:38:12 2020 +0100

    debian/control: Enable libcmocka (and so unit tests) all the archs

commit 997edf302a24d00d6917fc65fa7bd59da5867f42
Author: Marco Trevisan (Treviño) <mail@3v1n0.net>
Date:   Wed Dec 16 16:13:18 2020 +0100

    debian/rules: Enable tests again

commit 3b2ba3c2acf8acf8363bf9da701f14b695250165
Author: Marco Trevisan (Treviño) <mail@3v1n0.net>
Date:   Wed Dec 16 16:12:50 2020 +0100

    debian/patches: Get libsofthsm2 from right path for each architecture

commit 10969a2905ee0f95e7e7267900a7ac7bb274bfc1
Author: Marco Trevisan (Treviño) <mail@3v1n0.net>
Date:   Wed Dec 16 15:59:30 2020 +0100

    debian/control: Add missing test dependencies

commit 0c12c246ae5f4eefe31aee6c41051208695a0f78
Author: Marco Trevisan (Treviño) <mail@3v1n0.net>
Date:   Wed Dec 16 15:51:46 2020 +0100

    debian/rules: Don't run tests if nocheck is set

commit 3fb4a344ad3340409e27feff791863a342989e67
Author: Marco Trevisan (Treviño) <mail@3v1n0.net>
Date:   Wed Dec 16 15:49:30 2020 +0100

    debian/control: Mark test packages as <!nocheck>
Created: 2021-01-12 Last update: 2021-01-18 01:04
lintian reports 12 warnings normal
Lintian reports 12 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2020-07-29 Last update: 2020-09-21 06:04
4 ignored security issues in stretch low
There are 4 open security issues in stretch.
4 issues skipped by the security teams:
  • CVE-2018-10852: The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.
  • CVE-2018-16838: A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
  • CVE-2018-16883: sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.
  • CVE-2019-3811: A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
Please fix them.
Created: 2017-10-05 Last update: 2020-12-11 05:34
3 ignored security issues in buster low
There are 3 open security issues in buster.
3 issues skipped by the security teams:
  • CVE-2018-16838: A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
  • CVE-2018-16883: sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.
  • CVE-2019-3811: A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
Please fix them.
Created: 2018-06-26 Last update: 2020-12-11 05:34
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.4.0).
Created: 2019-09-29 Last update: 2020-12-09 08:37
testing migrations
  • This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
news
[rss feed]
  • [2020-12-11] sssd 2.4.0-1 MIGRATED to testing (Debian testing watch)
  • [2020-12-08] Accepted sssd 2.4.0-1 (source) into unstable (Timo Aaltonen)
  • [2020-10-08] sssd 2.3.1-3 MIGRATED to testing (Debian testing watch)
  • [2020-10-06] Accepted sssd 2.3.1-3 (source) into unstable (Timo Aaltonen)
  • [2020-09-19] sssd 2.3.1-2 MIGRATED to testing (Debian testing watch)
  • [2020-09-17] Accepted sssd 2.3.1-2 (source) into unstable (Timo Aaltonen)
  • [2020-08-01] sssd 2.3.1-1 MIGRATED to testing (Debian testing watch)
  • [2020-07-28] Accepted sssd 2.3.1-1 (source) into unstable (Timo Aaltonen)
  • [2020-07-16] sssd 2.3.0-2 MIGRATED to testing (Debian testing watch)
  • [2020-07-13] Accepted sssd 2.3.0-2 (source) into unstable (Timo Aaltonen)
  • [2020-07-13] Accepted sssd 2.3.0-1 (source) into unstable (Timo Aaltonen)
  • [2020-04-23] sssd 2.2.3-3 MIGRATED to testing (Debian testing watch)
  • [2020-04-20] Accepted sssd 2.2.3-3 (source) into unstable (Timo Aaltonen)
  • [2020-03-28] sssd 2.2.3-2 MIGRATED to testing (Debian testing watch)
  • [2020-03-06] Accepted sssd 2.2.3-2 (source) into unstable (Timo Aaltonen)
  • [2020-03-05] Accepted sssd 1.16.3-3.2 (source amd64) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Thorsten Glaser)
  • [2020-02-23] sssd 2.2.3-1.1 MIGRATED to testing (Debian testing watch)
  • [2020-02-21] Accepted sssd 2.2.3-1.1 (source) into unstable (Thorsten Glaser)
  • [2020-02-20] Accepted sssd 2.2.3-1 (source) into unstable (Timo Aaltonen)
  • [2020-01-12] Accepted sssd 1.15.0-3+deb9u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
  • [2019-10-07] sssd 2.2.2-1 MIGRATED to testing (Debian testing watch)
  • [2019-09-18] Accepted sssd 2.2.2-1 (source) into unstable (Timo Aaltonen)
  • [2019-07-23] sssd 2.2.0-4 MIGRATED to testing (Debian testing watch)
  • [2019-07-19] Accepted sssd 2.2.0-4 (source) into unstable (Timo Aaltonen)
  • [2019-07-12] Accepted sssd 2.2.0-3 (source) into unstable (Timo Aaltonen)
  • [2019-07-10] Accepted sssd 2.2.0-2 (source) into unstable (Timo Aaltonen)
  • [2019-07-10] Accepted sssd 2.2.0-1 (source) into unstable (Timo Aaltonen)
  • [2019-05-27] Accepted sssd 2.1.0-1 (source) into experimental (Timo Aaltonen)
  • [2019-04-03] Accepted sssd 1.16.4-1~exp1 (source) into experimental (Timo Aaltonen)
  • [2019-03-06] sssd 1.16.3-3.1 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 41 42
  • RC: 0
  • I&N: 40
  • M&W: 1 2
  • F&P: 0
  • patch: 3
links
  • homepage
  • lintian (0, 12)
  • buildd: logs, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • l10n (25, 47)
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.4.0-1ubuntu3
  • 26 bugs (1 patch)
  • patches for 2.4.0-1ubuntu3

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing