{"id":"RHSA-2024:0137","summary":"Red Hat Security Advisory: idm:DL1 security update","modified":"2026-03-18T11:35:57.020341Z","published":"2024-09-16T16:08:57Z","upstream":["CVE-2020-17049","CVE-2023-5455"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:0137"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2025721"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242828"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0137.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-17049"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-17049"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-17049"},{"type":"ARTICLE","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2023-5455"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2023-5455"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5455"},{"type":"ARTICLE","url":"https://www.freeipa.org/release-notes/4-10-3.html"},{"type":"ARTICLE","url":"https://www.freeipa.org/release-notes/4-11-1.html"},{"type":"ARTICLE","url":"https://www.freeipa.org/release-notes/4-6-10.html"},{"type":"ARTICLE","url":"https://www.freeipa.org/release-notes/4-9-14.html"}],"affected":[{"package":{"name":"bind-dyndb-ldap","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/bind-dyndb-ldap"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:11.6-4.module+el8.8.0+17351+9a3fb056"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"bind-dyndb-ldap-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/bind-dyndb-ldap-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:11.6-4.module+el8.8.0+17351+9a3fb056"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"bind-dyndb-ldap-debugsource","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/bind-dyndb-ldap-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:11.6-4.module+el8.8.0+17351+9a3fb056"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"custodia","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/custodia"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.0-3.module+el8.1.0+4098+f286395e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-client","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-client-common","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-client-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-client-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-client-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-client-epn","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-client-epn"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-client-samba","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-client-samba"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-common","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-debugsource","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-healthcheck","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-healthcheck"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-1.module+el8.8.0+17582+6bf5bf91"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-healthcheck-core","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-healthcheck-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.12-1.module+el8.8.0+17582+6bf5bf91"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-python-compat","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-python-compat"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-selinux","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-selinux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-server","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-server-common","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-server-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-server-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-server-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-server-dns","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-server-dns"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-server-trust-ad","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-server-trust-ad"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"ipa-server-trust-ad-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/ipa-server-trust-ad-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"opendnssec","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/opendnssec"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.7-1.module+el8.4.0+9007+5084bdd8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"opendnssec-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/opendnssec-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.7-1.module+el8.4.0+9007+5084bdd8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"opendnssec-debugsource","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/opendnssec-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.7-1.module+el8.4.0+9007+5084bdd8"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python-jwcrypto","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python-jwcrypto"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.5.0-1.1.module+el8.7.0+15842+306cbc83"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python-kdcproxy","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python-kdcproxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4-5.module+el8.2.0+4691+a05b2456"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python-qrcode","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python-qrcode"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.1-12.module+el8.1.0+4098+f286395e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python-yubico","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python-yubico"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.2-9.1.module+el8.7.0+15691+2b2c1dd5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-custodia","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-custodia"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.0-3.module+el8.1.0+4098+f286395e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-ipaclient","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-ipaclient"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-ipalib","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-ipalib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-ipaserver","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-ipaserver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-ipatests","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-ipatests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.9.11-9.module+el8.8.0+20825+52dd1628"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-jwcrypto","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-jwcrypto"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.5.0-1.1.module+el8.7.0+15842+306cbc83"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-kdcproxy","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-kdcproxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.4-5.module+el8.2.0+4691+a05b2456"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-pyusb","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-pyusb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-9.1.module+el8.7.0+15691+2b2c1dd5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-qrcode","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-qrcode"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.1-12.module+el8.1.0+4098+f286395e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-qrcode-core","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-qrcode-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.1-12.module+el8.1.0+4098+f286395e"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"python3-yubico","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/python3-yubico"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.2-9.1.module+el8.7.0+15691+2b2c1dd5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"pyusb","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/pyusb"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-9.1.module+el8.7.0+15691+2b2c1dd5"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"slapi-nis","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/slapi-nis"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.60.0-4.module+el8.8.0+20635+330e3683"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"slapi-nis-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/slapi-nis-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.60.0-4.module+el8.8.0+20635+330e3683"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"slapi-nis-debugsource","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/slapi-nis-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.60.0-4.module+el8.8.0+20635+330e3683"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"softhsm","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/softhsm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.4.0+10227+076cd560"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"softhsm-debuginfo","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/softhsm-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.4.0+10227+076cd560"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"softhsm-debugsource","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/softhsm-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.4.0+10227+076cd560"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}},{"package":{"name":"softhsm-devel","ecosystem":"Red Hat:rhel_eus:8.8::appstream","purl":"pkg:rpm/redhat/softhsm-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.6.0-5.module+el8.4.0+10227+076cd560"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2024:0137.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}