{"affected":[{"ecosystem_specific":{"binaries":[{"libipa_hbac0":"1.11.5.1-10.16.1","libsss_idmap0":"1.11.5.1-10.16.1","libsss_sudo":"1.11.5.1-10.16.1","python-sssd-config":"1.11.5.1-10.16.1","sssd":"1.11.5.1-10.16.1","sssd-32bit":"1.11.5.1-10.16.1","sssd-ad":"1.11.5.1-10.16.1","sssd-ipa":"1.11.5.1-10.16.1","sssd-krb5":"1.11.5.1-10.16.1","sssd-krb5-common":"1.11.5.1-10.16.1","sssd-ldap":"1.11.5.1-10.16.1","sssd-proxy":"1.11.5.1-10.16.1","sssd-tools":"1.11.5.1-10.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12-LTSS","name":"sssd","purl":"pkg:rpm/suse/sssd&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.11.5.1-10.16.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for sssd fixes the following issues:\n\nSecurity vulnerability fixed:\n\n- CVE-2019-3811: Fix fallback_homedir returning '/' for empty home directories\n  (bsc#1121759)\n\nOther bug fixes and changes:\n\n- Skip sdap_save_grpmem() if ignore_group_members is set. (bsc#1082568)\n- Only search for primary group if it is not already cached (bsc#1082568)\n- Install /var/lib/sss/mc directory to correct sssd cache invalidation\n  behaviour. Spec patch authored by Josef Cejka. (bsc#1039567)\n  to fix a segfault in sudo provider (bsc#977224).\n- Fix a segfault in sss_cache (bsc#976038).\n","id":"SUSE-SU-2019:0552-1","modified":"2019-03-06T08:47:58Z","published":"2019-03-06T08:47:58Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190552-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1039567"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082568"},{"type":"REPORT","url":"https://bugzilla.suse.com/1121759"},{"type":"REPORT","url":"https://bugzilla.suse.com/976038"},{"type":"REPORT","url":"https://bugzilla.suse.com/977224"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-3811"}],"related":["CVE-2019-3811"],"summary":"Security update for sssd","upstream":["CVE-2019-3811"]}