SCIENTIFIC-LINUX-ERRATA Archives

December 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

Subject:
From: Pat Riehecky <[log in to unmask]>
Reply To:
Date: Mon, 21 Dec 2015 23:16:31 +0000
Content-Type: text/plain
Parts/Attachments: text/plain (48 lines)

Synopsis:          Moderate: realmd security, bug fix, and enhancement update
Advisory ID:       SLSA-2015:2184-7
Issue Date:        2015-11-19
CVE Numbers:       CVE-2015-2704
--

A flaw was found in the way realmd parsed certain input when writing
configuration into the sssd.conf or smb.conf file. A remote attacker could
use this flaw to inject arbitrary configurations into these files via a
newline character in an LDAP response. (CVE-2015-2704)

It was found that the realm client would try to automatically join an
Active Directory domain without authentication, which could potentially
lead to privilege escalation within a specified domain.

The realmd packages have been upgraded to upstream version 0.16.1, which
provides a number of bug fixes and enhancements over the previous version.

This update also fixes the following bugs:

* Joining a Scientific Linux machine to a domain using the realm utility
creates /home/domainname/[username]/ directories for domain users.
Previously, SELinux labeled the domain users' directories incorrectly. As
a consequence, the domain users sometimes experienced problems with
SELinux policy. This update modifies the realmd service default behavior
so that the domain users' directories are compatible with the standard
SELinux policy.

* Previously, the realm utility was unable to join or discover domains
with domain names containing underscore (_). The realmd service has been
modified to process underscores in domain names correctly, which fixes the
described bug.

In addition, this update adds the following enhancement:

* The realmd utility now allows the user to disable automatic ID mapping
from the command line. To disable the mapping, pass the
"--automatic-id-mapping=no" option to the realmd utility.
--

SL7
  x86_64
    realmd-0.16.1-5.el7.x86_64.rpm
    realmd-debuginfo-0.16.1-5.el7.x86_64.rpm
    realmd-devel-docs-0.16.1-5.el7.x86_64.rpm

- Scientific Linux Development Team
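
The CVE-2015-2704 paragraph above describes a value from an LDAP response reaching a line-oriented configuration file with a newline still in it. The C sketch below is an added example, not realmd's code or the upstream fix: it formats a "key = value" line with and without a control-character check. All function names, the key name and the sample value are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Added example with hypothetical names; not taken from realmd.
 * Return 1 if value fits on one "key = value" line (no control bytes). */
static int value_is_single_line(const char *value)
{
    for (const unsigned char *p = (const unsigned char *)value; *p; p++)
        if (*p < 0x20 || *p == 0x7f)   /* CR, LF, tab, other controls */
            return 0;
    return 1;
}

/* "Before": writes the value exactly as received. */
static int format_unchecked(char *out, size_t n, const char *key, const char *value)
{
    return snprintf(out, n, "%s = %s\n", key, value);
}

/* "After": refuses a value that would span more than one line. */
static int format_checked(char *out, size_t n, const char *key, const char *value)
{
    if (!value_is_single_line(value)) {
        if (n) out[0] = '\0';
        return -1;
    }
    int len = snprintf(out, n, "%s = %s\n", key, value);
    return (len < 0 || (size_t)len >= n) ? -1 : len;   /* also reject truncation */
}

/* Count the lines a formatted fragment would add to the file. */
static int count_lines(const char *buf)
{
    int lines = 0;
    for (; *buf; buf++)
        lines += (*buf == '\n');
    return lines;
}

int main(void)
{
    /* Constructed sample: a directory-supplied string with an embedded newline. */
    const char *from_ldap = "EXAMPLE.COM\nextra_key = extra_value";
    char buf[256];
    format_unchecked(buf, sizeof buf, "example_key", from_ldap);
    printf("unchecked: %d line(s)\n", count_lines(buf));
    printf("checked: %d\n", format_checked(buf, sizeof buf, "example_key", from_ldap));
    return 0;
}
```

The unchecked form turns one intended setting into two lines of configuration; the checked form rejects the value before anything is written.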
