FEDORA-2016-ca1d1e1dc1 created by pvoborni 4 years ago for Fedora 25
stable

Rebase to upstream 4.4.3: http://www.freeipa.org/page/Releases/4.4.3


  • Fixes 1395311 - CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod
  • Fixes 1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy

How to install

sudo dnf upgrade --advisory=FEDORA-2016-ca1d1e1dc1

This update has been submitted for testing by pvoborni.

4 years ago

This update has obsoleted freeipa-4.4.2-2.fc25, and has inherited its bugs and notes.

4 years ago

This update has been pushed to testing.

4 years ago
User Icon mbasti commented & provided feedback 4 years ago
karma

Works for me

User Icon mbabinsk commented & provided feedback 4 years ago
karma

Works as expected.

BZ#1395311 CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod
BZ#1404718 CVE-2016-9575 freeipa: ipa: Insufficient permission check in certprofile-mod [fedora-all]
BZ#1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy
BZ#1404690 CVE-2016-7030 freeipa: ipa: DoS attack against kerberized services by abusing password policy [fedora-all]
User Icon stlaz commented & provided feedback 4 years ago

Works for me.

BZ#1395311 CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod
BZ#1404718 CVE-2016-9575 freeipa: ipa: Insufficient permission check in certprofile-mod [fedora-all]
BZ#1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy
BZ#1404690 CVE-2016-7030 freeipa: ipa: DoS attack against kerberized services by abusing password policy [fedora-all]

This update has been submitted for stable by bodhi.

4 years ago
User Icon stlaz provided feedback 4 years ago
karma

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy
0
1
BZ#1395311 CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod
0
1
BZ#1404690 CVE-2016-7030 freeipa: ipa: DoS attack against kerberized services by abusing password policy [fedora-all]
0
1
BZ#1404718 CVE-2016-9575 freeipa: ipa: Insufficient permission check in certprofile-mod [fedora-all]
0
1

Automated Test Results