ALSA-2024:3754
- Source
- https://errata.almalinux.org/9/ALSA-2024-3754.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:3754.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2024:3754
- Related
- Published
- 2024-06-10T00:00:00Z
- Modified
- 2024-06-20T16:08:28Z
- Summary
- Important: ipa security update
- Details
-
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
Security Fix(es):
- freeipa: delegation rules allow a proxy service to impersonate any user to access another target service (CVE-2024-2698)
- freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force (CVE-2024-3183)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
Affected packages
AlmaLinux:9 / ipa-client
Package
- Name
- ipa-client
AlmaLinux:9 / ipa-client-common
Package
- Name
- ipa-client-common
AlmaLinux:9 / ipa-client-epn
Package
- Name
- ipa-client-epn
AlmaLinux:9 / ipa-client-samba
Package
- Name
- ipa-client-samba
AlmaLinux:9 / ipa-common
Package
- Name
- ipa-common
AlmaLinux:9 / ipa-selinux
Package
- Name
- ipa-selinux
AlmaLinux:9 / ipa-server
Package
- Name
- ipa-server
AlmaLinux:9 / ipa-server-common
Package
- Name
- ipa-server-common
AlmaLinux:9 / ipa-server-dns
Package
- Name
- ipa-server-dns
AlmaLinux:9 / ipa-server-trust-ad
Package
- Name
- ipa-server-trust-ad
AlmaLinux:9 / python3-ipaclient
Package
- Name
- python3-ipaclient
AlmaLinux:9 / python3-ipalib
Package
- Name
- python3-ipalib
AlmaLinux:9 / python3-ipaserver
Package
- Name
- python3-ipaserver