CVE-2018-16838 (https://nvd.nist.gov/vuln/detail/CVE-2018-16838): A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access.
@maintainer(s): ping, ready for stabilisation?
Hi, just wanted to add that we've been running sssd-2.2.3 for three months now (necessitated by bug #709632), without any issues. Perhaps good enough to stabilize?
@maintainer(s): going ahead, but let us know if there's a problem. (In reply to Adam Purkrt from comment #2) > Hi, just wanted to add that we've been running sssd-2.2.3 for three months > now (necessitated by bug #709632), without any issues. Thank you!
bug 728894 is not a regression
amd64/x86 stable
GLSA vote: no.