Issued at: 2024-01-12
Updated at: 2024-01-12
Synopsis
Moderate: idm:DL1 security update
Description
Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
Security Fix(es):
* Kerberos: delegation constrain bypass in S4U2Proxy (CVE-2020-17049)
* ipa: Invalid CSRF protection (CVE-2023-5455)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 8 aarch64
Fixes
2025721
2242828
CVEs
CVE-2020-17049
CVE-2023-5455
Affected packages
Rocky Linux 8 aarch64 - AppStream
bind-dyndb-ldap-0:11.6-4.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
bind-dyndb-ldap-0:11.6-4.module+el8.9.0+1371+ffa84eb9.src.rpm
bind-dyndb-ldap-debuginfo-0:11.6-4.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
bind-dyndb-ldap-debugsource-0:11.6-4.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.noarch.rpm
custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.src.rpm
ipa-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.src.rpm
ipa-client-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-client-common-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
ipa-client-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-client-epn-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-client-samba-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-common-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
ipa-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-debugsource-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-healthcheck-0:0.12-3.module+el8.9.0+1434+912e18bd.noarch.rpm
ipa-healthcheck-0:0.12-3.module+el8.9.0+1433+5bd2f890.src.rpm
ipa-healthcheck-core-0:0.12-3.module+el8.9.0+1433+5bd2f890.noarch.rpm
ipa-python-compat-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
ipa-selinux-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
ipa-server-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-server-common-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
ipa-server-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-server-dns-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
ipa-server-trust-ad-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
ipa-server-trust-ad-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm
opendnssec-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
opendnssec-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.src.rpm
opendnssec-debuginfo-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
opendnssec-debugsource-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
python3-custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.noarch.rpm
python3-ipaclient-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
python3-ipalib-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
python3-ipaserver-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
python3-ipatests-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm
python3-jwcrypto-0:0.5.0-1.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm
python3-kdcproxy-0:0.4-5.module+el8.9.0+1371+ffa84eb9.noarch.rpm
python3-pyusb-0:1.0.0-9.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm
python3-qrcode-0:5.1-12.module+el8.9.0+1371+ffa84eb9.noarch.rpm
python3-qrcode-core-0:5.1-12.module+el8.9.0+1371+ffa84eb9.noarch.rpm
python3-yubico-0:1.3.2-9.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm
python-jwcrypto-0:0.5.0-1.1.module+el8.9.0+1371+ffa84eb9.src.rpm
python-kdcproxy-0:0.4-5.module+el8.9.0+1371+ffa84eb9.src.rpm
python-qrcode-0:5.1-12.module+el8.9.0+1371+ffa84eb9.src.rpm
python-yubico-0:1.3.2-9.1.module+el8.9.0+1371+ffa84eb9.src.rpm
pyusb-0:1.0.0-9.1.module+el8.9.0+1371+ffa84eb9.src.rpm
slapi-nis-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.aarch64.rpm
slapi-nis-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.src.rpm
slapi-nis-debuginfo-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.aarch64.rpm
slapi-nis-debugsource-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.aarch64.rpm
softhsm-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
softhsm-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.src.rpm
softhsm-debuginfo-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
softhsm-debugsource-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm
softhsm-devel-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm