-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-cf4f628312 2025-10-25 20:54:13.409369+00:00 --------------------------------------------------------------------------------
Name : sssd Product : Fedora 43 Version : 2.11.1 Release : 4.fc43 URL : https://github.com/SSSD/sssd/ Summary : System Security Services Daemon Description : Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services for projects like FreeIPA.
The sssd subpackage is a meta-package that contains the daemon as well as all the existing back ends.
-------------------------------------------------------------------------------- Update Information:
Fixes CVE-2025-11561 Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2402728 After startup SSSD already creates a Kerberos configuration snippet in /var/lib/sss/pubconf/krb5.include.d/localauth_plugin if the AD or IPA providers are used. This enables SSSD's localauth plugin. Starting with this update the an2ln plugin is disabled in the configuration snippet as well. If this file or its content are included in the Kerberos configuration (a default on Fedora) it will fix CVE-2025-11561. -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 20 2025 Alexey Tikhonov atikhono@redhat.com - 2.11.1-4 - Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2402728 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-cf4f628312' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------