Name: | ipa-common |
---|---|
Version: | 4.4.0 |
Release: | 14.0.1.el7_3.6 |
Architecture: | noarch |
Group: | System Environment/Libraries |
Size: | 1637242 |
License: | GPLv3+ |
RPM: | ipa-common-4.4.0-14.0.1.el7_3.6.noarch.rpm |
Source RPM: | ipa-4.4.0-14.0.1.el7_3.6.src.rpm |
Build Date: | Thu Mar 02 2017 |
Build Host: | x86-ol7-builder-01.us.oracle.com |
Vendor: | Oracle America |
URL: | http://www.freeipa.org/ |
Summary: | Common files used by IPA |
Description: | IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). If you are using IPA, you need to install this package. |
- Blank out header-logo.png product-name.png Replace login-screen-logo.png [20362818]
- Resolves: #1416488 replication race condition prevents IPA to install - wait_for_entry: use only DN as parameter - Wait until HTTPS principal entry is replicated to replica - Use proper logging for error messages
- Resolves: #1410760 ipa-ca-install fails on replica when IPA Master is installed without CA - Set up DS TLS on replica in CA-less topology - Resolves: #1413137 CVE-2017-2590 ipa: Insufficient permission check for ca-del, ca-disable and ca-enable commands - ca: correctly authorise ca-del, ca-enable and ca-disable - Resolves: #1416481 IPA replica install fails with dirsrv errors. - Do not configure PKI ajp redirection to use "::1"
- Resolves: #1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy - ipa-kdb: search for password policies globally - Renamed patches 1011 and 1012 to 0151 and 0150, as they were merged upstream
- Resolves: #1404338 Check IdM Topology for broken record caused by replication conflict before upgrading it - Check for conflict entries before raising domain level
- Resolves: #1401953 ipa-ca-install on promoted replica hangs on creating a temporary CA admin - replication: ensure bind DN group check interval is set on replica config - add missing attribute to ipaca replica during CA topology update - Resolves: #1404169 IPA upgrade of replica without DNS fails during restart of named-pkcs11 - bindinstance: use data in named.conf to determine configuration status - Resolves: #1404171 Creation of replica for disconnected environment is failing with CA issuance errors; Need good steps. - gracefully handle setting replica bind dn group on old masters
- Resolves: #1370493 CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy - password policy: Add explicit default password policy for hosts and services - Resolves: #1395311 CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod - certprofile-mod: correctly authorise config update
- Resolves: #1378353 Replica install fails with old IPA master sometimes during replication process - spec file: bump minimal required version of 389-ds-base - Resolves: #1387779 Make httpd publish CA certificate on Domain Level 1 - Fix missing file that fails DL1 replica installation - Resolves: #1387782 WebUI: Services are not displayed correctly after upgrade - WebUI: services without canonical name are shown correctly - Resolves: #1389709 Traceback seen in error_log when trustdomain-del is run - trustdomain-del: fix the way how subdomain is searched
- Resolves: #1318616 CA fails to start after doing ipa-ca-install --external-ca - Keep NSS trust flags of existing certificates - Resolves: #1360813 ipa-server-certinstall does not update all certificate stores and doesn't set proper trust permissions - Add cert checks in ipa-server-certinstall - Resolves: #1371479 cert-find --all does not show information about revocation - cert: add revocation reason back to cert-find output - Resolves: #1375133 WinSync users who have First.Last casing creates users who can have their password set - ipa passwd: use correct normalizer for user principals - Resolves: #1377858 Users with 2FA tokens are not able to login to IPA servers - Properly handle LDAP socket closures in ipa-otpd - Resolves: #1387779 Make httpd publish CA certificate on Domain Level 1 - Make httpd publish its CA certificate on DL1
- Resolves: #1373910 IPA server upgrade fails with DNS timed out errors. - Resolves: #1375269 ipa trust-fetch-domains throws internal error