Name: | ipa-client-common |
---|---|
Version: | 4.9.13 |
Release: | 12.0.2.module+el8.10.0+90388+5c50e971 |
Architecture: | noarch |
Module: | idm:DL1:8100020240815073148:10 |
Group: | Unspecified |
Size: | 48576 |
License: | GPLv3+ |
RPM: | ipa-client-common-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.noarch.rpm |
Source RPM: | ipa-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.src.rpm |
Build Date: | Thu Aug 15 2024 |
Build Host: | build-ol8-x86_64.oracle.com |
Vendor: | Oracle America |
URL: | http://www.freeipa.org/ |
Summary: | Common files used by IPA client |
Description: | IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). If your network uses IPA for authentication, this package should be installed on every client machine. |
- Rebuild
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Allow the admin user to be disabled Resolves: RHEL-34756 - ipa-otptoken-import: open the key file in binary mode Resolves: RHEL-39616 - ipa-crlgen-manage: manage the cert status task execution time Resolves: RHEL-30280 - idrange-add: add a warning because 389ds restart is required Resolves: RHEL-28996 - PKINIT certificate: fix renewal on hidden replica Resolves: RHEL-4913, RHEL-45908
- Add missing part of backported CVE-2024-3183 fix Resolves: RHEL-29927
- kdb: apply combinatorial logic for ticket flags (CVE-2024-3183) Resolves: RHEL-29927 - kdb: fix vulnerability in GCD rules handling (CVE-2024-2698) Resolves: RHEL-29692
- dcerpc: invalidate forest trust intfo cache when filtering out realm domains Resolves: RHEL-28559 - Backport latests test fixes in python3-tests ipatests: add xfail for autoprivate group test with override ipatests: remove xfail thanks to sssd 2.9.4 ipatests: adapt for new automembership fixup behavior ipatests: Fixes for test_ipahealthcheck_ipansschainvalidation testcases test_xmlrpc: adopt to automember plugin message changes in 389-ds Resolves: RHEL-29908
- rpcserver: validate Kerberos principal name before running kinit Resolves: RHEL-26153 - Vault: add additional fallback to RSA-OAEP wrapping algo Resolves: RHEL-28259
- ipa-kdb: Fix double free in ipadb_reinit_mspac() Resolves: RHEL-25742 - kra: set RSA-OAEP as default wrapping algo when FIPS is enabled Resolves: RHEL-12153 - Vault: improve vault server archival/retrieval calls error handling Resolves: RHEL-12153 - Vault: add support for RSA-OAEP wrapping algo Resolves: RHEL-12153
- ipa-kdb: Rework ipadb_reinit_mspac() Resolves: RHEL-25742 - ipatests: wait for replica update in test_dns_locations Resolves: RHEL-22373 - ipatests: fix tasks.wait_for_replication() method Resolves: RHEL-25708
- kdb: PAC generator: do not fail if canonical principal is missing Resolves: RHEL-23630 - ipa-kdb: Fix memory leak during PAC verification Resolves: RHEL-22644 - Fix session cookie access Resolves: RHEL-23622 - Do not ignore staged users in sidgen plugin Resovlves: RHEL-23626 - ipa-kdb: Disable Bronze-Bit check if PAC not available Resolves: RHEL-22313 - krb5kdc: Fix start when pkinit and otp auth type are enabled Resolves: RHEL-4874 - hbactest was not collecting or returning messages Resolves: RHEL-12780