Name: | ipa-server |
---|---|
Version: | 4.6.6 |
Release: | 11.0.1.el7 |
Architecture: | x86_64 |
Group: | System Environment/Base |
Size: | 1074334 |
License: | GPLv3+ |
RPM: | ipa-server-4.6.6-11.0.1.el7.x86_64.rpm |
Source RPM: | ipa-4.6.6-11.0.1.el7.src.rpm |
Build Date: | Wed Apr 01 2020 |
Build Host: | jenkins-10-147-72-125-70eb7d94-5819-4b4f-b60a-e1c7267aafb0.appad3iad.osdevelopmeniad.oraclevcn.com |
Vendor: | Oracle America |
URL: | http://www.freeipa.org/ |
Summary: | The IPA authentication server |
Description: | IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). If you are installing an IPA server, you need to install this package. |
- Blank out header-logo.png product-name.png - Replace login-screen-logo.png [Orabug: 20362818]
- Resolves: #1778777 - After upgrade AD Trust Agents were removed from LDAP - trust upgrade: ensure that host is member of adtrust agents
- Resolves: #1728123 - EMBARGOED CVE-2019-10195 ipa: FreeIPA: batch API logging user passwords to /var/log/httpd/error_log [rhel-7] - CVE-2019-10195: Don't log passwords embedded in commands in calls using batch - Resolves: #1773550 - IPA upgrade fails for latest ipa package when adtrust is installed - Do not run trust upgrade code if master lacks Samba bindings - Resolves: #1767302 - EMBARGOED CVE-2019-14867 ipa: Denial of service in IPA server due to wrong use of ber_scanf() [rhel-7.8] - Make sure to have storage space for tag
- Resolves: #1762317 - ipa-backup command is failing on rhel-7.8 - ipa-backup: fix python2 issue with os.mkdir
- Resolves: #1755223 - Sub-CA key replication failure - Handle missing LWCA certificate or chain - Fix CustodiaClient ccache handling - CustodiaClient: use ldapi when ldap_uri not specified - CustodiaClient: fix IPASecStore config on ipa-4-7 - Bump krb5 min version
- Resolves: #1754494 - ipa-replica-install does not enforce --server option - replica install: enforce --server arg - Resolves: #1729638 - ipa_kdb: assertion failure from NULL lcontext pointer to ldap_get_values_len() - Fix segfault in ipadb_parse_ldap_entry() - Log INFO message when LDAP connection fails on startup - Fix NULL pointer dereference in maybe_require_preauth() - Resolves: #1636765 - ipa-restore set wrong file permissions and ownership for /var/log/dirsrv/slapd- directory - ipa-restore: Restore ownership and perms on 389-ds log directory
- Resolves: #1752005 - Keyrings should not be used in containerized environment - Don't configure KEYRING ccache in containers - Resolves: #1751951 - When master's IP address does not resolve to its name, ipa-replica-install fails - Add container environment check to replicainstall - Resolves: #1750700 - when migrating trusted domain object structure, add default access control definitions, if they were missing in old trust objects - add default access control when migrating trust objects - adtrust: add default read_keys permission for TDO objects - Disable deprecated-lambda check in adtrust upgrade code
- Resolves: #1749788 - ipa host-find --pkey-only includes SSH keys in output - Don't return SSH keys with ipa host-find --pkey-only - Resolves: #1745108 - Bug 1497334 invalidating single-label domains introduces regression of usage for customers - check for single-label domains only during server install - Resolves: #1583950 - IPA: IDM drops all custom attributes when moving account from preserved to stage - user-stage: transfer all attributes from preserved to stage user - xmlrpc test: add test for preserved > stage user
- Resolves: 1744926 - rebuild against Samba 4.10 to solve undefined symbol: DEBUGLEVEL_CLASS - Backport patches to compile against Samba 4.10 - Fix Python 2 compatibility in adtrustinstance
- Resolves: 1717008 - User incorrectly added to negative cache when backend is reconnecting to IPA service / timed out: error code 32 'No such object'