This bug was fixed in the package sssd - 1.5.15-0ubuntu1

---------------
sssd (1.5.15-0ubuntu1) precise; urgency=low

  * Merge from Debian git, remaining changes: none.
  * Rebuild against current ldb (LP: #893043).

sssd (1.5.15-1) UNRELEASED; urgency=low

  [ Petter Reinholdtsen ]
  * New upstream version 1.2.4:
    - Resolves long-standing issues related to group processing with
      RFC2307bis LDAP servers.
    - Fixed bugs in RFC2307bis group memberships related to initgroups
      (Closes: #595564).
    - Fix tight-loop bug on systems with older OpenLDAP client
      libraries (such as Red Hat Enterprise Linux 5)
  * New Upstream Version 1.2.3:
    - Resolves CVE-2010-2940.
  * New Upstream Version 1.2.2:
    - The LDAP provider no longer requires access to the LDAP
      RootDSE. If it is unavailable, we will continue on with our best
      guess.
    - The LDAP provider will now log issues with TLS and GSSAPI to the
      syslog.
    - Significant performance improvement when performing initgroups
      on users who are members of large groups in LDAP.
    - The sss_client will now reconnect properly to the SSSD if the
      daemon is restarted.
      * This resolves an issue causing GDM to crash when logging out
        of a user after the SSSD had been restarted.
  * Correct package description for python-sss (Closes: #596215).
  * Update Standards-Version from 3.8.4 to 3.9.1.  No changes needed.

  [ Timo Aaltonen ]
  * New upstream release (1.5.15) (Closes: #595564, #624194, #640678).
    - Add libunistring-dev to build-deps.
  * Drop patch to ensure LDAP authentication never accept a zero
    length password, which is now included upstream.
  * sssd.upstart.ubuntu:
    - Don't start before net-device-up. (LP: 812943)
    - Source /etc/default/sssd. (LP: 812943)
  * sssd.default: Added a file to include the sssd daemon defaults,
    currently has '-D -f'.
  * sssd.init: Drop separate OPTIONS, '-D' comes from /etc/default/sssd
    now..
  * rules: Install the Python API files to /usr/share/sssd, as discussed
    with upstream. (LP: 859611)
  * fix-python-api-path.dpatch: Use the new location for the API files.
    (LP: 859611)
  * libpam-sss.pam-auth-update:
    - Add 'forward_pass' to auth stack to fix ecryptfs mounts. (LP: 826643)
    - Add pam_localuser.so to account stack to allow local users to log in.
      (LP: 860488)
    - Drop the priority so that pam_unix is always before pam_sss.
  * control: sssd now Recommends libpam-sss and libnss-sss, since sssd is
    mostly useless without them. (LP: 767337)
  * sssd.prerm: Remove empty script.
  * control, compat: Bump debhelper build-dep and compat level to 8.
  * Switch to source format 3.0 (quilt).
  * Do not install a working config file by default. The local domain
    definition was broken (upstream #1014). The daemon will need to be
    configured by other means before it's usable.
  * Add fix-format-security.diff (Closes: #643806)
  * Add support for Multi-Arch.
  * Migrate to dh, drop cdbs build-dep, add quilt, dh-autoreconf and
    autopoint to build-deps.
  * Remove unnecessary libnss-sss.links.
  * Add libdhash-dev, libcollection-dev and libini-config-dev to build-deps.
  * Drop cvs from build-depends.
  * Add new packages: libipa-hbac0, libipa-hbac-dev, python-libipa-hbac.
  * libnss-sss.overrides: Add an override for
    "package-name-doesnt-match-sonames".
  * Determine the used init system during build, add lsb-release to
    build-deps. Default to sysvinit, use upstart if Ubuntu.
  * Add ensure-all-input-valid-utf8.diff from upsream: Ensure that all
    input strings are valid UTF-8.
 -- Timo Aaltonen <email address hidden>   Thu, 24 Nov 2011 19:57:41 +0200