Accepting request 69546 from home:rhafer:branches:network:ldap

Update to 1.5.7 (bnc#691135) OBS-URL: https://build.opensuse.org/request/show/69546 OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=49
2011-05-04 09:56:24 +00:00
parent 3c118accde
commit 4e5f09ec6b
4 changed files with 23 additions and 4 deletions
--- a/sssd.changes
+++ b/sssd.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Wed May  4 09:22:20 UTC 2011 - rhafer@suse.de
+
+- Update to 1.5.7
+  * A flaw was found in the handling of cached passwords when
+    kerberos renewal tickets is enabled.  Due to a bug, the cached
+    password was overwritten with a (moderately) predictable
+    filename, which could allow a user to authenticate as someone
+    else if they knew the name of the cache file (bnc#691135,
+    CVE-2011-1758)
+- Changes in 1.5.6:
+  * Fixed a serious memory leak in the memberOf plugin
+  * Fixed a regression with the negative cache that caused it to be
+    essentially nonfunctional
+  * Fixed an issue where the user's full name would sometimes be
+    removed from the cache
+  * Fixed an issue with password changes in the kerberos provider
+    not working with kpasswd
+
 -------------------------------------------------------------------
 Thu Apr 14 11:31:38 UTC 2011 - rhafer@suse.de