This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for sssd fixes one security issue and three bugs.
The following vulnerability was fixed :
- CVE-2014-0249: Incorrect expansion of group membership
when encountering a non-POSIX group. (bsc#880245)
The following non-security fixes were also included :
- Prevent crashes of statically linked binaries using
getpwuid when sssd is used and nscd is turned off or has
caching disabled. (bsc#993582)
- Add logrotate configuration to prevent log files from
growing too large when running with debug mode enabled.
- Order sudo rules by the same logic used by the native
LDAP support from sudo. (bsc#1002973)
This update was imported from the SUSE:SLE-12-SP1:Update update
See also :
Update the affected sssd packages.
Risk factor :
Low / CVSS Base Score : 3.3