An update is available for sssd.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.

Bug Fix(es) and Enhancement(s):

* Analyzer: Optimize and remove duplicate messages in verbose list (BZ#2139871)

* SSSD: `sssctl analyze` command shouldn’t require ‘root’ privileged (BZ#2142961)

* UPN check cannot be disabled explicitly but requires krb5_validate = false’ as a work-around (BZ#2148989)

* authenticating against external IdP services okta (native app) with OAuth client secret failed (BZ#2152883)Read More