ALSA-2024:3754

[ALSA-2024:3754] Important: ipa security update

Type:

security

Severity:

important

Release date:

2024-06-20

Description:

AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.

Security Fix(es):

* freeipa: delegation rules allow a proxy service to impersonate any user to access another target service (CVE-2024-2698)
* freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force (CVE-2024-3183)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	ipa-server-4.11.0-15.el9_4.alma.1.aarch64.rpm	008d646d8af1c4ab429416d5a4a7d55c96131b5176d409b2f12c9cf56d560be3
aarch64	ipa-client-epn-4.11.0-15.el9_4.alma.1.aarch64.rpm	2e452a3185cf9ba43cd5b18f400b53618ec51f6d004705b0bc7ae93040fbcf29
aarch64	ipa-server-trust-ad-4.11.0-15.el9_4.alma.1.aarch64.rpm	31531346dfe673801825eff53fc3bea2d3d3fac06e60f22a32d626759bad01d2
aarch64	ipa-client-4.11.0-15.el9_4.alma.1.aarch64.rpm	3e29d9249d3c6844ac6a135fac910e13506e0623383d6bc99aae39fea15b8e6a
aarch64	ipa-client-samba-4.11.0-15.el9_4.alma.1.aarch64.rpm	65827dd71c9497b14c1d90dbe0beee9be3f22d62a0817e5c41fd3479cca36b64
noarch	python3-ipaserver-4.11.0-15.el9_4.alma.1.noarch.rpm	40a4154db8aac39968fc4f7cf327863ac3f3bd8919b4dc68e6c14a4ab01eb5c9
noarch	python3-ipalib-4.11.0-15.el9_4.alma.1.noarch.rpm	4685c4ad0d7809b20234c8c41abd2c35f8e846c30823f4a51f5b2cd7d3a5021d
noarch	python3-ipatests-4.11.0-15.el9_4.alma.1.noarch.rpm	78a871b98a4d70c7e4965a260510e083551216826811b20ae35783e13bdd5fdd
noarch	ipa-server-common-4.11.0-15.el9_4.alma.1.noarch.rpm	78c12a5600633f1655b2a35f3b63d7b39c0f49136f53f5fbf1f43b90763e9534
noarch	ipa-client-common-4.11.0-15.el9_4.alma.1.noarch.rpm	7c8ab597afb44822aa519229f86d7b7cfb15bbaecd4c98b86ef69236c3b69f38
noarch	ipa-server-dns-4.11.0-15.el9_4.alma.1.noarch.rpm	94b714cb309d009eb644237221dbe3f71e52bf8c8a8e51d5d146782776c0cfa1
noarch	ipa-selinux-4.11.0-15.el9_4.alma.1.noarch.rpm	b7912916951acae4663a14ab6732f523cd11b4e839c61cb35d699ac5a136f38e
noarch	python3-ipaclient-4.11.0-15.el9_4.alma.1.noarch.rpm	f39f0f73b007711341356b8af46f1f1e4e354a48afe1770649cafa532bc42a24
noarch	ipa-common-4.11.0-15.el9_4.alma.1.noarch.rpm	f4e82a031b6db79bb4ef20babac0d8c4f972deed8860231e96bfa98c15ca5c11
ppc64le	ipa-client-4.11.0-15.el9_4.alma.1.ppc64le.rpm	58dbad78259fc60da4e5ed1668d09654d78413e2b282e39e7a3f6ff79c5a785a
ppc64le	ipa-server-4.11.0-15.el9_4.alma.1.ppc64le.rpm	7398051504c816d38391f745e4a4e5f4e932c5ad4aad7872b6b9d9eb15085d34
ppc64le	ipa-client-epn-4.11.0-15.el9_4.alma.1.ppc64le.rpm	9444d4e842e58709a31b0191d60d1d3d05b78eb014621b70b0a7150f65f1e6f9
ppc64le	ipa-client-samba-4.11.0-15.el9_4.alma.1.ppc64le.rpm	a212610a2bffb4a7c27dad97453c2c3a38bc2c9ab303834d72409d66b52d91d0
ppc64le	ipa-server-trust-ad-4.11.0-15.el9_4.alma.1.ppc64le.rpm	a63f5163f02390d38359fd499fe30fddb81adbb61222a7792efb95100296fd7c
s390x	ipa-server-trust-ad-4.11.0-15.el9_4.alma.1.s390x.rpm	43130ef4b459935a9a8ab8743662b773422517d68b627958e1c10c6a5afd0268
s390x	ipa-client-4.11.0-15.el9_4.alma.1.s390x.rpm	4a7cf96614a163e3c974ccbef6edaef34fda34780c0f33f22809ff0d7de42027
s390x	ipa-client-samba-4.11.0-15.el9_4.alma.1.s390x.rpm	770b8342412bade75e039b46b3cacad1c70aa619ddeeddcd3122759c8ffe05e0
s390x	ipa-server-4.11.0-15.el9_4.alma.1.s390x.rpm	82309fe2033647b0df0f0d17d44d44cfed7c412d503e21b69a83e97a20fe62fd
s390x	ipa-client-epn-4.11.0-15.el9_4.alma.1.s390x.rpm	d6b1861fb9f1d18292d06eda52a21615ae9325b3d9552c7cc1691d0eb2f29e32
x86_64	ipa-client-4.11.0-15.el9_4.alma.1.x86_64.rpm	2436b84c546c032ce01839b15662ee657053436add091955da423c70cb048b6e
x86_64	ipa-server-trust-ad-4.11.0-15.el9_4.alma.1.x86_64.rpm	2d8e2219f8c14438722fd7bd65ee0d092b12fcf639694f7d72b9b8adf57dfe1a
x86_64	ipa-server-4.11.0-15.el9_4.alma.1.x86_64.rpm	4ddc297bc952f64994890f4f0158a3378f14e1f6358d917653cf0c302a85b1b8
x86_64	ipa-client-samba-4.11.0-15.el9_4.alma.1.x86_64.rpm	8134c96d3d2618f54da4b2e619183412c2310a22ac7483d990b430f8a0527041
x86_64	ipa-client-epn-4.11.0-15.el9_4.alma.1.x86_64.rpm	d3eb115859ca9f494c1d5da9222104f8c8351d90c42e9158157ab4e3152be6f7

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.