sssd - Debian Package Tracker

general

source: sssd (main)
version: 2.6.3-3
maintainer: Debian SSSD Team (archive) (DMD)
uploaders: Timo Aaltonen [DMD] – Dominik George [DMD]
arch: any
std-ver: 4.4.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.15.0-3+deb9u1
o-o-sec: 1.15.0-3+deb9u2
oldstable: 1.16.3-3.2
stable: 2.4.1-2
testing: 2.6.3-3
unstable: 2.6.3-3

versioned links

1.15.0-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.15.0-3+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16.3-3.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.3-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libipa-hbac-dev
libipa-hbac0
libnss-sss (2 bugs: 0, 2, 0, 0)
libpam-sss (3 bugs: 0, 3, 0, 0)
libsss-certmap-dev
libsss-certmap0
libsss-idmap-dev
libsss-idmap0
libsss-nss-idmap-dev
libsss-nss-idmap0
libsss-simpleifp-dev
libsss-simpleifp0
libsss-sudo (3 bugs: 0, 3, 0, 0)
python3-libipa-hbac
python3-libsss-nss-idmap
python3-sss
sssd (24 bugs: 0, 24, 0, 0)
sssd-ad (1 bugs: 0, 1, 0, 0)
sssd-ad-common (1 bugs: 0, 1, 0, 0)
sssd-common (3 bugs: 0, 2, 1, 0)
sssd-dbus
sssd-ipa
sssd-kcm
sssd-krb5 (2 bugs: 0, 2, 0, 0)
sssd-krb5-common
sssd-ldap (2 bugs: 0, 2, 0, 0)
sssd-proxy
sssd-tools

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:00:52
Last run: 2022-05-17T12:17:52.000Z
Previous status: fail

testing: pass (log)
The tests ran in 0:00:55
Last run: 2022-05-12T18:09:49.000Z
Previous status: pass

stable: pass (log)
The tests ran in 0:01:01
Last run: 2022-05-02T02:29:53.000Z
Previous status: pass

Created: 2022-05-07 Last update: 2022-05-18 11:42

Multiarch hinter reports 4 issue(s) high

There are issues with the multiarch metadata for this package.

libpam-sss conflicts on 2 files starting with /usr/share/man/man8/pam_sss on s390x <-> amd64, arm64, armel, and 5 more
libipa-hbac0 could be marked Multi-Arch: same
libsss-idmap0 could be marked Multi-Arch: same
libsss-nss-idmap0 could be marked Multi-Arch: same

Created: 2022-04-01 Last update: 2022-05-18 06:04

A new upstream version is available: 2.7.0 high

A new upstream version 2.7.0 is available, you should consider packaging it.

Created: 2022-04-18 Last update: 2022-05-18 06:03

lintian reports 24 warnings high

Lintian reports 24 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-04-11 Last update: 2022-01-01 04:35

Depends on packages which need a new maintainer normal

The packages that sssd depends on which need a new maintainer are:

popt (#995268)
- Depends: libpopt0 libpopt0 libpopt0 libpopt0 libpopt0 libpopt0 libpopt0 libpopt0 libpopt0 libpopt0
- Build-Depends: libpopt-dev
xml-core (#660687)
- Build-Depends: xml-core

Created: 2019-11-22 Last update: 2022-05-18 11:39

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2021-08-14 Last update: 2022-05-18 11:03

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2022-03-18 Last update: 2022-05-18 06:04

4 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 6dffd5ff6559b9cc62521be3ddab0ccf8273de7c
Author: Timo Aaltonen <tjaalton@debian.org>
Date:   Sun Apr 10 10:57:35 2022 +0300

    releasing package sssd version 2.6.3-3

commit e1585ce9305f94f880126edcc7a35d26853693dc
Author: Timo Aaltonen <tjaalton@debian.org>
Date:   Sun Apr 10 10:31:10 2022 +0300

    rules: Drop --with-ldb-dir, use the default value from the pkgconfig file. (Closes: #1009223)

commit b91487b9c4560423270e93fb373cd7bff128b62b
Author: Timo Aaltonen <tjaalton@debian.org>
Date:   Sat Apr 9 20:47:47 2022 +0300

    tests: fix checking for systemctl status

commit d84f78853be6f3f14d1950ecf103dcb4f26d9dde
Author: Timo Aaltonen <tjaalton@debian.org>
Date:   Sat Apr 9 16:12:14 2022 +0300

    tests: Dump the daemon status after restart, hoping to see what the error is if it fails to start.

Created: 2022-04-09 Last update: 2022-05-14 00:55

4 low-priority security issues in buster low

There are 4 open security issues in buster.

4 issues left for the package maintainer to handle:

CVE-2019-3811: (needs triaging) A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc. All versions before 2.1 are vulnerable.
CVE-2021-3621: (needs triaging) A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2018-16838: (needs triaging) A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
CVE-2018-16883: (needs triaging) sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2022-04-19 19:05

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2021-3621: (needs triaging) A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into running a specially crafted sssctl command, such as via sudo, to gain root access. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

You can find information about how to handle this issue in the security team's documentation.

Created: 2021-08-17 Last update: 2022-04-19 19:05

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.4.0).

Created: 2019-09-29 Last update: 2022-05-11 23:24

testing migrations

This package is part of the ongoing testing transition known as auto-openssl. Please avoid uploads unrelated to this transition, they would likely delay it and require supplementary work from the release managers. On the other hand, if your package has problems preventing it to migrate to testing, please fix them as soon as possible. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2022-04-20] sssd 2.6.3-3 MIGRATED to testing (Debian testing watch)
[2022-04-10] Accepted sssd 2.6.3-3 (source) into unstable (Timo Aaltonen)
[2022-03-29] Accepted sssd 2.6.3-2 (source) into unstable (Timo Aaltonen)
[2022-02-13] sssd 2.6.3-1 MIGRATED to testing (Debian testing watch)
[2022-02-11] Accepted sssd 2.6.3-1 (source) into unstable (Timo Aaltonen)
[2021-11-24] sssd 2.6.1-1 MIGRATED to testing (Debian testing watch)
[2021-11-17] Accepted sssd 2.6.1-1 (source) into unstable (Timo Aaltonen)
[2021-11-14] sssd 2.5.2-5 MIGRATED to testing (Debian testing watch)
[2021-11-12] Accepted sssd 2.5.2-5 (source) into unstable (Timo Aaltonen)
[2021-10-15] sssd 2.5.2-4 MIGRATED to testing (Debian testing watch)
[2021-10-12] Accepted sssd 2.5.2-4 (source) into unstable (Timo Aaltonen)
[2021-09-25] sssd 2.5.2-3 MIGRATED to testing (Debian testing watch)
[2021-09-22] Accepted sssd 2.5.2-3 (source) into unstable (Timo Aaltonen)
[2021-09-20] Accepted sssd 2.5.2-2 (source) into unstable (Timo Aaltonen)
[2021-09-16] Accepted sssd 2.5.2-1 (source) into unstable (Timo Aaltonen)
[2021-09-15] Accepted sssd 1.15.0-3+deb9u2 (source) into oldoldstable (Anton Gladky)
[2021-02-12] sssd 2.4.1-2 MIGRATED to testing (Debian testing watch)
[2021-02-10] Accepted sssd 2.4.1-2 (source) into unstable (Timo Aaltonen)
[2021-02-10] Accepted sssd 2.4.1-1 (source) into unstable (Timo Aaltonen)
[2020-12-11] sssd 2.4.0-1 MIGRATED to testing (Debian testing watch)
[2020-12-08] Accepted sssd 2.4.0-1 (source) into unstable (Timo Aaltonen)
[2020-10-08] sssd 2.3.1-3 MIGRATED to testing (Debian testing watch)
[2020-10-06] Accepted sssd 2.3.1-3 (source) into unstable (Timo Aaltonen)
[2020-09-19] sssd 2.3.1-2 MIGRATED to testing (Debian testing watch)
[2020-09-17] Accepted sssd 2.3.1-2 (source) into unstable (Timo Aaltonen)
[2020-08-01] sssd 2.3.1-1 MIGRATED to testing (Debian testing watch)
[2020-07-28] Accepted sssd 2.3.1-1 (source) into unstable (Timo Aaltonen)
[2020-07-16] sssd 2.3.0-2 MIGRATED to testing (Debian testing watch)
[2020-07-13] Accepted sssd 2.3.0-2 (source) into unstable (Timo Aaltonen)
[2020-07-13] Accepted sssd 2.3.0-1 (source) into unstable (Timo Aaltonen)

bugs [bug history graph]

all: 44 45
RC: 0
I&N: 42
M&W: 2 3
F&P: 0
patch: 2

links

homepage
lintian (0, 24)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (30, 50)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.6.3-1ubuntu3
27 bugs
patches for 2.6.3-1ubuntu3