[ol9_appstream] ipa-client-samba-4.9.8-7.0.1.el9_0.aarch64

Name:	ipa-client-samba
Version:	4.9.8
Release:	7.0.1.el9_0
Architecture:	aarch64
Group:	System Environment/Base
Size:	44729
License:	GPLv3+
RPM:	ipa-client-samba-4.9.8-7.0.1.el9_0.aarch64.rpm
Source RPM:	ipa-4.9.8-7.0.1.el9_0.src.rpm
Build Date:	Mon May 09 2022
Build Host:	build-ol9-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.freeipa.org/
Summary:	Tools to configure Samba on IPA client
Description:	This package provides command-line tools to deploy Samba domain member on the machine enrolled into a FreeIPA environment

Changelog (Show File list) (Show related packages)

Wed May 04 2022 EL Errata <el-errata_ww@oracle.com> - 4.9.8-7.0.1

- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]

Mon Mar 21 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-7

- Resolves: rhbz#2057471 Consequences of FIPS crypto policy tightening in RHEL 9
  - KRB instance: make provision to work with crypto policy without SHA-1 HMAC types
  - tests: ensure AD-SUPPORT subpolicy is active
  - ipatests: extend AES keyset to SHA2-based ones
  - freeipa.spec: bump crypto-policies dependency for CentOS 9 Stream
  - Kerberos instance: default to AES256-SHA2 for master key encryption
  - test_otp: do not use paramiko unless it is really needed
  - test_krbtpolicy: skip SPAKE-related tests in FIPS mode
  - Support AES for KRA archival wrapping
  - Set AES as default for KRA archival wrapping

Thu Feb 24 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-6

- Resolves: rhbz#2057467 Backport latest test fixes in python3-ipatests
  - ipatests: Tests for Autoprivate group.
  - mark xfail for test_idoverride_with_auto_private_group[hybrid]
  - Mark xfail test_gidnumber_not_corresponding_existing_group[true,hybrid]

Mon Feb 14 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.8-5
```
- Resolves: rhbz#2053025
  - add IPA test suite fixes
```

Mon Feb 14 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.8-4

- Resolves: rhbz#2053586 IPA LDAP plugin ipa-cldap memory leak
  - fix memory leak in CLDAP responder

Fri Feb 11 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-3

- Resolves: rhbz#2050540 Unable to join RHEL 8.5 Replica to RHEL 7.9 Master for migration purposes
  - Don't always override the port in import_included_profiles
- Resolves: rhbz#2051582 Enable ipa-ccache-sweep.timer during server installation
  - Test ipa-ccache-sweep.timer enabled by default during installation
  - Enable the ccache sweep timer during installation
- Resolves: rhbz#2051844 ipa-join tests are failing due to changes in expected output
  - Remove ipa-join errors from behind the debug option

Thu Feb 03 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-2

- Resolves: rhbz#2040619 - Changing default pac type to 'nfs:NONE and MS-PAC' doesnot display error 'ipa: ERROR: no modifications to be performed'
  - Config plugin: return EmptyModlist when no change is applied
  - config plugin: add a test ensuring EmptyModlist is returned
- Resolves: rhbz#2048510 - [rhel-9.0] Backport latest test fixes in python3-ipatests
  - ipatests: webui: Tests for subordinate ids.
  - ipatests: webui: Use safe-loader for loading YAML configuration file
  - ipatests: Fix test_ipa_cert_fix.py::TestCertFixReplica teardown
  - Test cases for ipa-replica-conncheck command
  - PEP8 Fixes
  - ipatests: Test empty cert request doesn't force certmonger to segfault
  - ipatests: Test default value of nsslapd-sizelimit.
  - Extend test to see if replica is not shown when running `ipa-replica-manage list -v <FQDN>`
  - Added test automation for SHA384withRSA CSR support
- Resolves: rhbz#2049104 - User can't log in after ipa-user-mod --user-auth-type=hardened
  - ipa-kdb: do not remove keys for hardened auth-enabled users
  - ipatests: add case for hardened-only ticket policy
- Resolves: rhbz#2049174 - KRA GetStatus service blocked by IPA proxy
  - ipa-pki-proxy.conf: provide access to /kra/admin/kra/getStatus

Thu Dec 02 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-1

- Resolves: rhbz#2015608 - [Rebase] Rebase ipa to latest 4.9.x release RHEL9
- Resolves: rhbz#1825010 - Concerns regarding 'ipa pwpolicy-mod --minlife 24 --maxlife 1'
- Resolves: rhbz#1966289 - Info about searchrecordslimit set search limit to 10,000 after upgrade
- Resolves: rhbz#1980356 - reinstalling samba client causes winbindd coredump
- Resolves: rhbz#1986054 - fix automountlocation-tofiles output
- Resolves: rhbz#2020205 - Missing bind-pkcs11-utils causing failures in OpenDNSSec
- Resolves: rhbz#2021445 - CVE-2020-25719 ipa: samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets
  - ipa-kdb: issue PAC_REQUESTER_SID only for TGTs
  - ipa-kdb: fix requester SID check according to MS-KILE and MS-SFU updates

Tue Oct 05 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-9

- Resolves: rhbz#2010701 ipa-server-install fails while 'configuring certificate server instance'
  - Parse getStatus as JSON not XML
  - Parse cert chain as JSON not XML
  - Specify PKI installation log paths
  - Make Dogtag return XML for ipa cert-find

Fri Sep 17 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-8

- Resolves: rhbz#2005864 ipa cert-request replaces user certificate instead of adding
 - Don't store entries with a usercertificate in the LDAP cache
 - ipatests: Test that a user can be issued multiple certificates