[CLSA-2026:1778881463] ipa: Fix of 3 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-05-15 23:08:57 UTC
Description:
- CVE-2023-5455: fix CSRF vulnerability by adding Referer header check to all session endpoints - CVE-2024-1481: validate Kerberos principal name before kinit and pass it with -- separator to prevent option injection - CVE-2024-11029: scrub administrative passwords from process command line and pass OIDC client secret via stdin
Updated packages:
  • ipa-client-4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64.rpm
    sha:ddbe846a2399896dd27c1b309d1c8676341e058cb5b3211141dd1b4b488f63d4
  • ipa-client-common-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:3824d37db616b3173db39c80e77a38228cd4c7f47662be0e314e07335389f7c4
  • ipa-client-epn-4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64.rpm
    sha:d3c18c82684b0432a90793ea5dc007cc52c8341ce62ec8d8f524eef4d16d9459
  • ipa-client-samba-4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64.rpm
    sha:e99fcdff81cc160dd808b33084429b71c26d0d3d8828b2b3625588fad6c593ec
  • ipa-common-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:43046b92a1f3218cccd10482a55345c2bdd5f3fa9b863f595ea6103ba60926c6
  • ipa-python-compat-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:90964f8f178d0a57cbacc6770af777de8264e5e91740e9e822decf098f45425f
  • ipa-selinux-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:04a86e632b30e89bb2969814c7432071d6f33a1516524998bae285bc367410e3
  • ipa-server-4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64.rpm
    sha:1a46986dc9dbe89c82f0563b03c49ec86894a059d8caeedf3bc225e8f149fba9
  • ipa-server-common-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:b5dfa8de4ed29d3e9ce4c7f5b4d9acb45960719c630a05f9b3331d00253c5ff7
  • ipa-server-dns-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:2ed7e9003b68b9327d8ab37c95a1e5e539f0e3378bd0910dc34184505a989864
  • ipa-server-trust-ad-4.10.1-9.el9_2.alma.1.tuxcare.els3.x86_64.rpm
    sha:886d3268cad79b85c989fa19a3917721799f431659087e8fa903b7915a34da35
  • python3-ipaclient-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:61c4667bb99ae352fdbb8d257828925cb2ad75713e9471d83d2ec39090a01e84
  • python3-ipalib-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:b7d07966ce8e392603831fa092bd629448c11663d4426e5e143acafd43490c6f
  • python3-ipaserver-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:6a1332ae5e1db12cbbb6df0620e38cb293e6b264f23b4653df502818048d2741
  • python3-ipatests-4.10.1-9.el9_2.alma.1.tuxcare.els3.noarch.rpm
    sha:484c54f8e3b595ab269e69918be2c0090b146bfffec8507869f83b357881eeac
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.