[ol8_appstream] ipa-server-dns-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch

Name:	ipa-server-dns
Version:	4.9.13
Release:	12.0.2.module+el8.10.0+90388+5c50e971
Architecture:	noarch
Module:	idm:DL1:8100020240815073148:10
Group:	Unspecified
Size:	94170
License:	GPLv3+
RPM:	ipa-server-dns-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm
Source RPM:	ipa-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.src.rpm
Build Date:	Thu Aug 15 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.freeipa.org/
Summary:	IPA integrated DNS server with support for automatic DNSSEC signing
Description:	IPA integrated DNS server with support for automatic DNSSEC signing. Integrated DNS server is BIND 9. OpenDNSSEC provides key management.

Changelog (Show File list) (Show related packages)

Wed Aug 14 2024 David Sloboda <david.x.sloboda@oracle.com> - 4.9.13-12.0.2
```
- Rebuild
```

Wed Aug 14 2024 EL Errata <el-errata_ww@oracle.com> - 4.9.13-12.0.1

- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]

Wed Jul 17 2024 Rafael Jeffman <rjeffman@redhat.com> - 4.9.13-9

- Allow the admin user to be disabled
  Resolves: RHEL-34756
- ipa-otptoken-import: open the key file in binary mode
  Resolves: RHEL-39616
- ipa-crlgen-manage: manage the cert status task execution time
  Resolves: RHEL-30280
- idrange-add: add a warning because 389ds restart is required
  Resolves: RHEL-28996
- PKINIT certificate: fix renewal on hidden replica
  Resolves: RHEL-4913, RHEL-45908

Wed Jun 12 2024 Julien Rische <jrische@redhat.com> - 4.9.13-11

- Add missing part of backported CVE-2024-3183 fix
  Resolves: RHEL-29927

Tue Apr 30 2024 Julien Rische <jrische@redhat.com> - 4.9.13-10

- kdb: apply combinatorial logic for ticket flags (CVE-2024-3183)
  Resolves: RHEL-29927
- kdb: fix vulnerability in GCD rules handling (CVE-2024-2698)
  Resolves: RHEL-29692

Fri Apr 12 2024 Rafael Jeffman <rjeffman@redhat.com> - 9.4.13-9

- dcerpc: invalidate forest trust intfo cache when filtering out realm domains
  Resolves: RHEL-28559
- Backport latests test fixes in python3-tests
  ipatests: add xfail for autoprivate group test with override
  ipatests: remove xfail thanks to sssd 2.9.4
  ipatests: adapt for new automembership fixup behavior
  ipatests: Fixes for test_ipahealthcheck_ipansschainvalidation testcases
  test_xmlrpc: adopt to automember plugin message changes in 389-ds
  Resolves: RHEL-29908

Thu Mar 07 2024 Rafael Jeffman <rjeffman@redhat.com> - 4.9.13-8

- rpcserver: validate Kerberos principal name before running kinit
  Resolves: RHEL-26153
- Vault: add additional fallback to RSA-OAEP wrapping algo
  Resolves: RHEL-28259

Tue Feb 20 2024 Julien Rische <jrische@redhat.com> - 4.9.13-7

- ipa-kdb: Fix double free in ipadb_reinit_mspac()
  Resolves: RHEL-25742
- kra: set RSA-OAEP as default wrapping algo when FIPS is enabled
  Resolves: RHEL-12153
- Vault: improve vault server archival/retrieval calls error handling
  Resolves: RHEL-12153
- Vault: add support for RSA-OAEP wrapping algo
  Resolves: RHEL-12153

Fri Feb 16 2024 Julien Rische <jrische@redhat.com> - 4.9.13-6

- ipa-kdb: Rework ipadb_reinit_mspac()
  Resolves: RHEL-25742
- ipatests: wait for replica update in test_dns_locations
  Resolves: RHEL-22373
- ipatests: fix tasks.wait_for_replication() method
  Resolves: RHEL-25708

Tue Feb 13 2024 Rafael Jeffman <rjeffman@redhat.com> - 4.9.13-5

- kdb: PAC generator: do not fail if canonical principal is missing
  Resolves: RHEL-23630
- ipa-kdb: Fix memory leak during PAC verification
  Resolves: RHEL-22644
- Fix session cookie access
  Resolves: RHEL-23622
- Do not ignore staged users in sidgen plugin
  Resovlves: RHEL-23626
- ipa-kdb: Disable Bronze-Bit check if PAC not available
  Resolves: RHEL-22313
- krb5kdc: Fix start when pkinit and otp auth type are enabled
  Resolves: RHEL-4874
- hbactest was not collecting or returning messages
  Resolves: RHEL-12780