[Apollo] Advisories Statistics light light Login

RLSA-2024:0143

Security Mirrored from RHSA-2024:0143
Issued at: 2024-01-12
Updated at: 2025-07-29

Synopsis

Moderate: idm:DL1 security update



Description

Rocky Enterprise Software Foundation Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

* Kerberos: delegation constrain bypass in S4U2Proxy (CVE-2020-17049)

* ipa: Invalid CSRF protection (CVE-2023-5455)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 x86_64

Fixes

2025721 2242828

CVEs

CVE-2020-17049 CVE-2023-5455

Affected packages

Rocky Linux 8 aarch64 - AppStream

custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.noarch.rpm custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.src.rpm ipa-healthcheck-0:0.12-3.module+el8.9.0+1434+912e18bd.noarch.rpm ipa-healthcheck-0:0.12-3.module+el8.9.0+1433+5bd2f890.src.rpm ipa-healthcheck-core-0:0.12-3.module+el8.9.0+1433+5bd2f890.noarch.rpm opendnssec-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.src.rpm python3-custodia-0:0.6.0-3.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-kdcproxy-0:0.4-5.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-pyusb-0:1.0.0-9.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-qrcode-0:5.1-12.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-qrcode-core-0:5.1-12.module+el8.9.0+1371+ffa84eb9.noarch.rpm python3-yubico-0:1.3.2-9.1.module+el8.9.0+1371+ffa84eb9.noarch.rpm python-kdcproxy-0:0.4-5.module+el8.9.0+1371+ffa84eb9.src.rpm python-qrcode-0:5.1-12.module+el8.9.0+1371+ffa84eb9.src.rpm python-yubico-0:1.3.2-9.1.module+el8.9.0+1371+ffa84eb9.src.rpm pyusb-0:1.0.0-9.1.module+el8.9.0+1371+ffa84eb9.src.rpm slapi-nis-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.src.rpm softhsm-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.src.rpm

Rocky Linux 8 x86_64 - AppStream

ipa-healthcheck-0:0.12-3.module+el8.9.0+1434+912e18bd.src.rpm ipa-healthcheck-core-0:0.12-3.module+el8.9.0+1434+912e18bd.noarch.rpm opendnssec-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.x86_64.rpm opendnssec-debuginfo-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.x86_64.rpm opendnssec-debugsource-0:2.1.7-1.module+el8.9.0+1371+ffa84eb9.x86_64.rpm python3-kdcproxy-0:0.4-5.module+el8.10.0+1915+3c70f7d9.1.noarch.rpm python3-pyusb-0:1.0.0-9.1.module+el8.9.0+1372+09f67869.noarch.rpm python3-qrcode-0:5.1-12.module+el8.9.0+1372+09f67869.noarch.rpm python3-qrcode-core-0:5.1-12.module+el8.9.0+1372+09f67869.noarch.rpm python3-yubico-0:1.3.2-9.1.module+el8.9.0+1372+09f67869.noarch.rpm python-kdcproxy-0:0.4-5.module+el8.10.0+1915+3c70f7d9.1.src.rpm python-qrcode-0:5.1-12.module+el8.9.0+1372+09f67869.src.rpm python-yubico-0:1.3.2-9.1.module+el8.9.0+1372+09f67869.src.rpm pyusb-0:1.0.0-9.1.module+el8.9.0+1372+09f67869.src.rpm slapi-nis-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.x86_64.rpm slapi-nis-debuginfo-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.x86_64.rpm slapi-nis-debugsource-0:0.60.0-4.module+el8.9.0+1573+39ab85f4.x86_64.rpm softhsm-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.x86_64.rpm softhsm-debuginfo-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.x86_64.rpm softhsm-debugsource-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.x86_64.rpm softhsm-devel-0:2.6.0-5.module+el8.9.0+1371+ffa84eb9.x86_64.rpm