[Apollo] Advisories Statistics light light Login

RLSA-2024:0143

Security Mirrored from RHSA-2024:0143
Issued at: 2024-01-12
Updated at: 2024-01-12

Synopsis

Moderate: idm:DL1 security update



Description

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

* Kerberos: delegation constrain bypass in S4U2Proxy (CVE-2020-17049)

* ipa: Invalid CSRF protection (CVE-2023-5455)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64

Fixes

2025721 2242828

CVEs

CVE-2020-17049 CVE-2023-5455

Affected packages

Rocky Linux 8 aarch64 - AppStream

bind-dyndb-ldap-0:11.6-4.module+el8.9.0+1371+ffa84eb9.aarch64.rpm bind-dyndb-ldap-0:11.6-4.module+el8.9.0+1371+ffa84eb9.src.rpm bind-dyndb-ldap-debuginfo-0:11.6-4.module+el8.9.0+1371+ffa84eb9.aarch64.rpm bind-dyndb-ldap-debugsource-0:11.6-4.module+el8.9.0+1371+ffa84eb9.aarch64.rpm custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.noarch.rpm custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.src.rpm ipa-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.src.rpm ipa-client-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-client-common-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm ipa-client-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-client-epn-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-client-samba-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-common-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm ipa-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-debugsource-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-healthcheck-0:0.12-3.module+el8.9.0+1434+912e18bd.noarch.rpm ipa-healthcheck-0:0.12-3.module+el8.9.0+1433+5bd2f890.src.rpm ipa-healthcheck-core-0:0.12-3.module+el8.9.0+1433+5bd2f890.noarch.rpm ipa-python-compat-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm ipa-selinux-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm ipa-server-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-server-common-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm ipa-server-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-server-dns-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm ipa-server-trust-ad-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm ipa-server-trust-ad-debuginfo-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.aarch64.rpm opendnssec-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.aarch64.rpm opendnssec-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.src.rpm opendnssec-debuginfo-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.aarch64.rpm opendnssec-debugsource-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.aarch64.rpm python3-custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-ipaclient-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm python3-ipalib-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm python3-ipaserver-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm python3-ipatests-0:4.9.12-11.module+el8.9.0+1652+4ee71f6a.noarch.rpm python3-jwcrypto-0:0.5.0-1.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-kdcproxy-0:0.4-5.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-pyusb-0:1.0.0-9.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-qrcode-0:5.1-12.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-qrcode-core-0:5.1-12.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-yubico-0:1.3.2-9.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm python-jwcrypto-0:0.5.0-1.1.module+el8.9.0+1371+ffa84eb9.src.rpm python-kdcproxy-0:0.4-5.module+el8.9.0+1371+ffa84eb9.src.rpm python-qrcode-0:5.1-12.module+el8.9.0+1371+ffa84eb9.src.rpm python-yubico-0:1.3.2-9.1.module+el8.9.0+1371+ffa84eb9.src.rpm pyusb-0:1.0.0-9.1.module+el8.9.0+1371+ffa84eb9.src.rpm slapi-nis-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.aarch64.rpm slapi-nis-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.src.rpm slapi-nis-debuginfo-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.aarch64.rpm slapi-nis-debugsource-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.aarch64.rpm softhsm-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm softhsm-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.src.rpm softhsm-debuginfo-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm softhsm-debugsource-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm softhsm-devel-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.aarch64.rpm