| Name: | ipa-server |
|---|---|
| Version: | 4.11.0 |
| Release: | 15.0.1.el9_4 |
| Architecture: | aarch64 |
| Group: | Unspecified |
| Size: | 1885109 |
| License: | GPL-3.0-or-later |
| RPM: | ipa-server-4.11.0-15.0.1.el9_4.aarch64.rpm |
| Source RPM: | ipa-4.11.0-15.0.1.el9_4.src.rpm |
| Build Date: | Mon Jun 10 2024 |
| Build Host: | build-ol9-aarch64.oracle.com |
| Vendor: | Oracle America |
| URL: | http://www.freeipa.org/ |
| Summary: | The IPA authentication server |
| Description: | IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). If you are installing an IPA server, you need to install this package. |
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674] - Add bind to ipa-server-common Requires [Orabug: 36518596]
- Resolves: RHEL-32231 CVE-2024-3183 ipa: freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force - Resolves: RHEL-31409 CVE-2024-2698 ipa: freeipa: delegation rules allow a proxy service to impersonate any user to access another target service
- Resolves: RHEL-23377 Enforce OTP for ldap bind (in some scenarios) - Resolves: RHEL-29745 Unable to re-add broken AD trust - NT_STATUS_INVALID_PARAMETER - Resolves: RHEL-30905 Backport latest test fixes in ipa
- Resolves: RHEL-28258 vault fails on non-fips client if server is in FIPS mode - Resolves: RHEL-26154 ipa: freeipa: specially crafted HTTP requests potentially lead to DoS or data exposure
- Resolves: RHEL-12143 'ipa vault-add is failing with ipa: ERROR: an internal error has occurred in FIPS mode - Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available
- Resolves: RHEL-25260 tier-1-upstream-dns-locations failed on RHEL8.8 gating - Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available - Resolves: RHEL-25815 Backport latest test fixes in python3-ipatests
- Resolves: RHEL-23627 IPA stops working if HTTP/... service principal was created before FreeIPA 4.4.0 and never modified - Resolves: RHEL-23625 sidgen plugin does not ignore staged users - Resolves: RHEL-23621 session cookie can't be read - Resolves: RHEL-22372 Gating-DL1 test failure in test_integration/test_dns_locations.py::TestDNSLocations::()::test_ipa_ca_records - Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix - Resolves: RHEL-17996 Memory leak in IdM's KDC
- Resolves: RHEL-12589 ipa: Invalid CSRF protection - Resolves: RHEL-19748 ipa hbac-test did not report that it hit an arbitrary search limit - Resolves: RHEL-21059 'DogtagCertsConfigCheck' fails, displaying the error message 'Malformed directive: ca.signing.certnickname=caSigningCert cert-pki-ca' - Resolves: RHEL-21804 ipa client 4.10.2 - Failed to obtain host TGT - Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix - Resolves: RHEL-21810 ipa-client-install --automount-location does not work - Resolves: RHEL-21811 Handle change in behavior of pki-server ca-config-show in pki 11.5.0 - Resolves: RHEL-21812 Backport latest test fixes in ipa - Resolves: RHEL-21813 krb5kdc fails to start when pkinit and otp auth type is enabled in ipa - Resolves: RHEL-21815 IPA 389ds plugins need to have better logging and tracing - Resolves: RHEL-21937 Make sure a default NetBIOS name is set if not passed in by ADTrust instance constructor
- Resolves: RHEL-16985 Handle samba 4.19 changes in samba.security.dom_sid()
- Resolves: RHEL-14428 healthcheck reports nsslapd-accesslog-logbuffering is set to 'off'