[ol8_baseos_latest] sssd-krb5-2.4.0-9.0.1.el8.x86_64

Name:	sssd-krb5
Version:	2.4.0
Release:	9.0.1.el8
Architecture:	x86_64
Group:	Applications/System
Size:	82559
License:	GPLv3+
RPM:	sssd-krb5-2.4.0-9.0.1.el8.x86_64.rpm
Source RPM:	sssd-2.4.0-9.0.1.el8.src.rpm
Build Date:	Wed May 19 2021
Build Host:	host-100-100-224-17.blddevtest1iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	https://pagure.io/SSSD/sssd/
Summary:	The Kerberos authentication back end for the SSSD
Description:	Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.

Changelog (Show File list) (Show related packages)

Tue May 18 2021 EL Errata <el-errata_ww@oracle.com> - 2.4.0-9.0.1

- Restore default debug level for sss_cache [Orabug: 32810448]
- Restore default debug level for shadow-utils tools [Orabug: 32810448]
- Revert Redhat's change of disallowing duplicated incomplete gid
  when "id_provider=ldap" is used, which caused regression in AD
  environment. [Orabug: 29286774] [Doc ID 2605732.1]

Fri Mar 19 2021 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-9
```
- Resolves: rhbz#1899712 - [sssd] RHEL 8.4 Tier 0 Localization
```

Fri Feb 12 2021 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-8

- Resolves: rhbz#1926622 - Add support to verify authentication indicators in pam_sss_gss
- Resolves: rhbz#1926454 - First smart refresh query contains modifyTimestamp even if the modifyTimestamp is 0.
- Resolves: rhbz#1893159 - Default debug level should report all errors / failures (additional patch)

Tue Jan 26 2021 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-7

- Resolves: rhbz#1920001 - Do not add '%' to group names already prefixed with '%' in IPA sudo rules
- Resolves: rhbz#1918433 - sssd unable to lookup certmap rules
- Resolves: rhbz#1917382 - [abrt] [faf] sssd: dp_client_handshake_timeout(): /usr/libexec/sssd/sssd_be killed by 11

Mon Jan 18 2021 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-6

- Resolves: rhbz#1113639 - autofs: return a connection failure until maps have been fetched
- Resolves: rhbz#1915395 - Memory leak in the simple access provider
- Resolves: rhbz#1915319 - SSSD: SBUS: failures during servers startup
- Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication (additional patches)

Mon Dec 28 2020 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-5

- Resolves: rhbz#1631410 - Can't login with smartcard with multiple certs having same ID value
- Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff (additional patches)
- Resolves: rhbz#1893159 - Default debug level should report all errors / failures
- Resolves: rhbz#1893698 - [RFE] sudo kerberos authentication

Mon Dec 21 2020 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-4

- Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process
- Resolves: rhbz#1876658 - filter_groups option partially filters the group from 'id' output of the user because gidNumber still appears in 'id' output [RHEL 8]
- Resolves: rhbz#1895001 - User lookups over the InfoPipe responder fail intermittently

Mon Dec 07 2020 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-3

- Resolves: rhbz#1900733 - sssd_be segfaults at be_refresh_get_values_ex() due to NULL ptrs in results of sysdb_search_with_ts_attr()
- Resolves: rhbz#1876514 - High CPU utilization by the sssd_kcm process
- Resolves: rhbz#1894540 - sssd component logging is now too generic in syslog/journal
- Resolves: rhbz#1828483 - filtered ID is appearing due to strange negative cache behavior

Thu Nov 12 2020 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-2

- This is to bump version to allow rebuild against rebased libldb.

Fri Oct 23 2020 Alexey Tikhonov <atikhono@redhat.com> - 2.4.0-1

- Resolves: rhbz#1881992 - Rebase SSSD for RHEL 8.4
- Resolves: rhbz#1722842 - sssd-kcm does not store TGT with ssh login using GSSAPI
- Resolves: rhbz#1734040 - sssd crash in ad_get_account_domain_search()
- Resolves: rhbz#1784459 - [RFE] tlog does not allow to exclude some users from session recording
- Resolves: rhbz#1791300 - sporadic sssd_be crash on s390x
- Resolves: rhbz#1817122 - 'getent group ldapgroupname' doesn't show any LDAP users or some LDAP users when 'rfc2307bis' schema is used with SSSD.
- Resolves: rhbz#1819012 - [RFE] Improve AD site discovery process
- Resolves: rhbz#1846778 - [RfE] `/usr/libexec/sssd/p11_child` cmdline argument '--nssdb' might be confusing when SSSD was built against OpenSSL
- Resolves: rhbz#1873715 - automount sssd issue when 2 automount maps have the same key (one un uppercase, one in lowercase)
- Resolves: rhbz#1879860 - correction in sssd.conf:pam_response_filter man page
- Resolves: rhbz#1881336 - [RFE] sssd-ldap man page modification for parameter "ldap_referrals"
- Resolves: rhbz#1883488 - [RfE] Implement a new sssd.conf option to disable the filter for AD domain local groups from trusted domains
- Resolves: rhbz#1884196 - [RFE] Add "enabled" option to domain section in config file
- Resolves: rhbz#1884205 - KCM: Increase client idle timeout to 5 minutes
- Resolves: rhbz#1884207 - [RFE] ldap: add new option ldap_library_debug_level
- Resolves: rhbz#1884213 - [RFE] add offline_timeout_max config option to control offline interval backoff
- Resolves: rhbz#1884281 - Secondary LDAP group go missing from 'id' command
- Resolves: rhbz#1884301 - [RFE] dyndns: suport asymmetric auth for nsupdate