[ol9_appstream] sssd-idp-2.7.3-4.0.1.el9_1.1.aarch64

Name:	sssd-idp
Version:	2.7.3
Release:	4.0.1.el9_1.1
Architecture:	aarch64
Group:	Unspecified
Size:	138331
License:	GPLv3+
RPM:	sssd-idp-2.7.3-4.0.1.el9_1.1.aarch64.rpm
Source RPM:	sssd-2.7.3-4.0.1.el9_1.1.src.rpm
Build Date:	Sat Nov 19 2022
Build Host:	build-ol9-aarch64.oracle.com
Vendor:	Oracle America
URL:	https://github.com/SSSD/sssd/
Summary:	Kerberos plugins and OIDC helper for external identity providers.
Description:	This package provides Kerberos plugins that are required to enable authentication against external identity providers. Additionally a helper program to handle the OAuth 2.0 Device Authorization Grant is provided.

Changelog (Show File list) (Show related packages)

Fri Nov 18 2022 EL Errata <el-errata_ww@oracle.com> - 2.7.3-4.0.1.1
```
- Restore default debug level for sss_cache [Orabug: 32810448]
```

Fri Oct 14 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-4.1

- Resolves: rhbz#2128902 - Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) [rhel-9.1.0.z]

Fri Aug 26 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-4

- Related: rhbz#1978119 - [Improvement] avoid interlocking among threads that use `libsss_nss_idmap` API (or other sss_client libs)

Tue Aug 23 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-3

- Resolves: rhbz#2116389 - rpc.gssd crash when access a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-2.el9
- Resolves: rhbz#2119373 - sssctl analyze --logdir option requires sssd to be configured
- Resolves: rhbz#2120657 - Incorrect request ID tracking from responder to backend

Mon Aug 08 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-2

- Resolves: rhbz#2106660 - [regression] sssd goes offline with forced ldaps configuration
- Resolves: rhbz#2109451 - virsh command will hang after the host run several auto test cases
- Resolves: rhbz#2098654 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL
- Resolves: rhbz#2106685 - [regression] sssctl analyze fails to parse PAM related sssd logs

Tue Jul 05 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-1

- Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
- Resolves: rhbz#1936551 - [Improvement] Provide user feedback when login fails due to blocked PIN
- Resolves: rhbz#1978119 - [Improvement] avoid interlocking among threads that use `libsss_nss_idmap` API (or other sss_client libs)
- Resolves: rhbz#2062665 - [sssd] RHEL 9.1 Tier 0 Localization

Mon Jun 13 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.1-2

- Resolves: rhbz#2073095 - Harden kerberos ticket validation (additional patch)
- Resolves: rhbz#2061795 - Unable to lookup AD user if the AD group contains '@' symbol (additional patch)

Sat Jun 04 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.1-1

- Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
- Resolves: rhbz#1893192 - sdap_nested_group_deref_direct_process() triggers internal watchdog for large data sets
- Resolves: rhbz#1927553 - [Improvement] add SSSD support for more than one CRL PEM file name with parameters certificate_verification and crl_file
- Resolves: rhbz#2089216 - pam_sss_gss ceased to work after upgrade to 8.6
- Resolves: rhbz#2090776 - Add idp authentication indicator in man page of sssd.conf
- Resolves: rhbz#1927195 - sssd runs out of proxy child slots and doesn't clear the counter for Active requests
- Resolves: rhbz#2073095 - Harden kerberos ticket validation
- Resolves: rhbz#2082455 - 'getent hosts' not return hosts if they have more than one CN in LDAP
- Resolves: rhbz#2087581 - Regression "Missing internal domain data." when setting ad_domain to incorrect

Wed May 11 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.0-2

- Resolves: rhbz#2065693 - [RHEL9] Ship new sub-package called sssd-idp into sssd

Wed Apr 20 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.0-1

- Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
- Resolves: rhbz#2072640 - sssd_nss exiting (due to missing 'sssd' local user) making SSSD service to restart in a loop
- Resolves: rhbz#2070189 - sssd error triggers backtrace : [write_krb5info_file_from_fo_server] (0x0020): [RID#73501] There is no server that can be written into kdc info file.
- Resolves: rhbz#2070138 - SSSD authenticating to LDAP with obfuscated password produces Invalid authtoken type message causing sssd_be to go offline (cross inter_ference of different provider plugins options)
- Resolves: rhbz#2065693 - [RHEL9] Ship new sub-package called sssd-idp into sssd
- Resolves: rhbz#2065098 - Use right sdap_domain in ad_domain_info_send
- Resolves: rhbz#2062716 - [Improvement] Add user and group version of sss_nss_getorigbyname()
- Resolves: rhbz#2061795 - Unable to lookup AD user if the AD group contains '@' symbol
- Resolves: rhbz#2056482 - [RFE] Add sssd internal krb5 plugin for authentication against external IdP via OAuth2
- Resolves: rhbz#1937895 - SSSD update prompts for smartcard pin twice - After update to 7.9
- Resolves: rhbz#1925559 - [RFE] Implement time logging for the LDAP queries and warning of high queries time
- Resolves: rhbz#1915564 - sssd does not enforce smartcard auth for kde screen locker
- Resolves: rhbz#1859751 - [RFE] Allow SSSD to use anonymous pkinit for FAST
- Resolves: rhbz#1749279 - 2FA prompting setting ineffective
- Resolves: rhbz#1661055 - sssd fails GPO-based access if AD have setup with Japanese language
- Resolves: rhbz#1245367 - [RFE] Implement memory cache for SID requests to improve performance