Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-2184)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.122784

Category: Oracle Linux Local Security Checks

Title: Oracle: Security Advisory (ELSA-2015-2184)

Summary: The remote host is missing an update for the 'realmd' package(s) announced via the ELSA-2015-2184 advisory.

Description: Summary:
The remote host is missing an update for the 'realmd' package(s) announced via the ELSA-2015-2184 advisory.

Vulnerability Insight:
[0.16.1-5]
- Revert 0.16.1-4
- Use samba by default
- Resolves: rhbz#1271618

[0.16.1-4]
- Fix regressions in 0.16.x releases
- Resolves: rhbz#1258745
- Resolves: rhbz#1258488

[0.16.1-3]
- Fix regression accepting DNS domain names
- Resolves: rhbz#1243771

[0.16.1-2]
- Fix discarded patch: ipa-packages.patch

[0.16.1-1]
- Updated to upstream 0.16.1
- Resolves: rhbz#1241832
- Resolves: rhbz#1230941

[0.16.0-1]
- Updated to upstream 0.16.0
- Resolves: rhbz#1174911
- Resolves: rhbz#1142191
- Resolves: rhbz#1142148

[0.14.6-5]
- Don't crash when full_name_format is not in sssd.conf [#1051033]
This is a regression from a prior update.

[0.14.6-4]
- Fix full_name_format printf(3) related failure [#1048087]

[0.14.6-3]
- Mass rebuild 2013-12-27

[0.14.6-2]
- Start oddjob after joining a domain [#967023]

[0.14.6-1]
- Update to upstream 0.14.6 point release
- Set 'kerberos method = system keytab' in smb.conf properly [#997580]
- Limit Netbios name to 15 chars when joining AD domain [#1001667]

[0.14.5-1]
- Update to upstream 0.14.5 point release
- Fix regression conflicting --unattended and -U as in --user args [#996223]
- Pass discovered server address to adcli tool [#996995]

[0.14.4-1]
- Update to upstream 0.14.4 point release
- Fix up the [sssd] section in sssd.conf if it's screwed up [#987491]
- Add an --unattended argument to realm command line client [#976593]
- Clearer 'realm permit' manual page example [#985800]

[0.14.3-1]
- Update to upstream 0.14.3 point release
- Populate LoginFormats correctly [#967011]
- Documentation clarifications [#985773] [#967565]
- Set sssd.conf default_shell per domain [#967569]
- Notify in terminal output when installing packages [#984960]
- If joined via adcli, delete computer with adcli too [#967008]
- If input is not a tty, then read from stdin without getpass()
- Configure pam_winbind.conf appropriately [#985819]
- Refer to FreeIPA as IPA [#967019]
- Support use of kerberos ccache to join when winbind [#985817]

[0.14.2-3]
- Run test suite when building the package
- Fix rpmlint errors

[0.14.2-2]
- Install oddjobd and oddjob-mkhomedir when joining domains [#969441]

[0.14.2-1]
- Update to upstream 0.14.2 version
- Discover FreeIPA 3.0 with AD trust correctly [#966148]
- Only allow joining one realm by default [#966650]
- Enable the oddjobd service after joining a domain [#964971]
- Remove sssd.conf allow lists when permitting all [#965760]
- Add dependency on authconfig [#964675]
- Remove glib-networking dependency now that we no longer use SSL.

[0.14.1-1]
- Update to upstream 0.14.1 version
- Fix crash/regression using passwords with joins [#961435]
- Make second Ctrl-C just quit realm tool [#961325]
- Fix critical warning when leaving IPA realm [#961320]
- Don't print out journalctl command in obvious situations [#961230]
- Document the --all option to 'realm discover' [#961279]
- No need to require sssd-tools package ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'realmd' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-2704
BugTraq ID: 73352
http://www.securityfocus.com/bid/73352
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155862.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157358.html

Copyright Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.122784
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2015-2184)
Summary:	The remote host is missing an update for the 'realmd' package(s) announced via the ELSA-2015-2184 advisory.
Description:	Summary: The remote host is missing an update for the 'realmd' package(s) announced via the ELSA-2015-2184 advisory. Vulnerability Insight: [0.16.1-5] - Revert 0.16.1-4 - Use samba by default - Resolves: rhbz#1271618 [0.16.1-4] - Fix regressions in 0.16.x releases - Resolves: rhbz#1258745 - Resolves: rhbz#1258488 [0.16.1-3] - Fix regression accepting DNS domain names - Resolves: rhbz#1243771 [0.16.1-2] - Fix discarded patch: ipa-packages.patch [0.16.1-1] - Updated to upstream 0.16.1 - Resolves: rhbz#1241832 - Resolves: rhbz#1230941 [0.16.0-1] - Updated to upstream 0.16.0 - Resolves: rhbz#1174911 - Resolves: rhbz#1142191 - Resolves: rhbz#1142148 [0.14.6-5] - Don't crash when full_name_format is not in sssd.conf [#1051033] This is a regression from a prior update. [0.14.6-4] - Fix full_name_format printf(3) related failure [#1048087] [0.14.6-3] - Mass rebuild 2013-12-27 [0.14.6-2] - Start oddjob after joining a domain [#967023] [0.14.6-1] - Update to upstream 0.14.6 point release - Set 'kerberos method = system keytab' in smb.conf properly [#997580] - Limit Netbios name to 15 chars when joining AD domain [#1001667] [0.14.5-1] - Update to upstream 0.14.5 point release - Fix regression conflicting --unattended and -U as in --user args [#996223] - Pass discovered server address to adcli tool [#996995] [0.14.4-1] - Update to upstream 0.14.4 point release - Fix up the [sssd] section in sssd.conf if it's screwed up [#987491] - Add an --unattended argument to realm command line client [#976593] - Clearer 'realm permit' manual page example [#985800] [0.14.3-1] - Update to upstream 0.14.3 point release - Populate LoginFormats correctly [#967011] - Documentation clarifications [#985773] [#967565] - Set sssd.conf default_shell per domain [#967569] - Notify in terminal output when installing packages [#984960] - If joined via adcli, delete computer with adcli too [#967008] - If input is not a tty, then read from stdin without getpass() - Configure pam_winbind.conf appropriately [#985819] - Refer to FreeIPA as IPA [#967019] - Support use of kerberos ccache to join when winbind [#985817] [0.14.2-3] - Run test suite when building the package - Fix rpmlint errors [0.14.2-2] - Install oddjobd and oddjob-mkhomedir when joining domains [#969441] [0.14.2-1] - Update to upstream 0.14.2 version - Discover FreeIPA 3.0 with AD trust correctly [#966148] - Only allow joining one realm by default [#966650] - Enable the oddjobd service after joining a domain [#964971] - Remove sssd.conf allow lists when permitting all [#965760] - Add dependency on authconfig [#964675] - Remove glib-networking dependency now that we no longer use SSL. [0.14.1-1] - Update to upstream 0.14.1 version - Fix crash/regression using passwords with joins [#961435] - Make second Ctrl-C just quit realm tool [#961325] - Fix critical warning when leaving IPA realm [#961320] - Don't print out journalctl command in obvious situations [#961230] - Document the --all option to 'realm discover' [#961279] - No need to require sssd-tools package ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'realmd' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-2704 BugTraq ID: 73352 http://www.securityfocus.com/bid/73352 http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155862.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157358.html
Copyright	Copyright (C) 2015 Greenbone AG