-
Tue Mar 31 2020 EL Errata <el-errata_ww@oracle.com> - 4.6.6-11.0.1
- Blank out header-logo.png product-name.png
- Replace login-screen-logo.png [Orabug: 20362818]
-
Wed Dec 04 2019 Florence Blanc-Renaud <frenaud@redhat.com> - 4.6.6-11.el7
- Resolves: #1778777 - After upgrade AD Trust Agents were removed from LDAP
- trust upgrade: ensure that host is member of adtrust agents
-
Tue Nov 26 2019 Florence Blanc-Renaud <frenaud@redhat.com> - 4.6.6-10.el7
- Resolves: #1728123 - EMBARGOED CVE-2019-10195 ipa: FreeIPA: batch API logging user passwords to /var/log/httpd/error_log [rhel-7]
- CVE-2019-10195: Don't log passwords embedded in commands in calls using batch
- Resolves: #1773550 - IPA upgrade fails for latest ipa package when adtrust is installed
- Do not run trust upgrade code if master lacks Samba bindings
- Resolves: #1767302 - EMBARGOED CVE-2019-14867 ipa: Denial of service in IPA server due to wrong use of ber_scanf() [rhel-7.8]
- Make sure to have storage space for tag
-
Wed Oct 30 2019 Florence Blanc-Renaud <frenaud@redhat.com> - 4.6.6-9.el7
- Resolves: #1762317 - ipa-backup command is failing on rhel-7.8
- ipa-backup: fix python2 issue with os.mkdir
-
Mon Sep 30 2019 Florence Blanc-Renaud <frenaud@redhat.com> - 4.6.6-8.el7
- Resolves: #1755223 - Sub-CA key replication failure
- Handle missing LWCA certificate or chain
- Fix CustodiaClient ccache handling
- CustodiaClient: use ldapi when ldap_uri not specified
- CustodiaClient: fix IPASecStore config on ipa-4-7
- Bump krb5 min version
-
Tue Sep 24 2019 Florence Blanc-Renaud <frenaud@redhat.com> - 4.6.6-7.el7
- Resolves: #1754494 - ipa-replica-install does not enforce --server option
- replica install: enforce --server arg
- Resolves: #1729638 - ipa_kdb: assertion failure from NULL lcontext pointer to ldap_get_values_len()
- Fix segfault in ipadb_parse_ldap_entry()
- Log INFO message when LDAP connection fails on startup
- Fix NULL pointer dereference in maybe_require_preauth()
- Resolves: #1636765 - ipa-restore set wrong file permissions and ownership for /var/log/dirsrv/slapd- directory
- ipa-restore: Restore ownership and perms on 389-ds log directory
-
Tue Sep 17 2019 Florence Blanc-Renaud <frenaud@redhat.com> - 4.6.6-6.el7
- Resolves: #1752005 - Keyrings should not be used in containerized environment
- Don't configure KEYRING ccache in containers
- Resolves: #1751951 - When master's IP address does not resolve to its name, ipa-replica-install fails
- Add container environment check to replicainstall
- Resolves: #1750700 - when migrating trusted domain object structure, add default access control definitions, if they were missing in old trust objects
- add default access control when migrating trust objects
- adtrust: add default read_keys permission for TDO objects
- Disable deprecated-lambda check in adtrust upgrade code
-
Mon Sep 09 2019 Florence Blanc-Renaud <frenaud@redhat.com> - 4.6.6-5.el7
- Resolves: #1749788 - ipa host-find --pkey-only includes SSH keys in output
- Don't return SSH keys with ipa host-find --pkey-only
- Resolves: #1745108 - Bug 1497334 invalidating single-label domains introduces regression of usage for customers
- check for single-label domains only during server install
- Resolves: #1583950 - IPA: IDM drops all custom attributes when moving account from preserved to stage
- user-stage: transfer all attributes from preserved to stage user
- xmlrpc test: add test for preserved > stage user
-
Fri Aug 23 2019 Alexander Bokovoy <abokovoy@redhat.com> - 4.6.6-4.el7
- Resolves: 1744926 - rebuild against Samba 4.10 to solve undefined symbol: DEBUGLEVEL_CLASS
- Backport patches to compile against Samba 4.10
- Fix Python 2 compatibility in adtrustinstance
-
Mon Aug 19 2019 Alexander Bokovoy <abokovoy@redhat.com> - 4.6.6-3.el7
- Resolves: 1717008 - User incorrectly added to negative cache when backend is reconnecting to IPA service / timed out: error code 32 'No such object'