[ol8_appstream] ipa-client-epn-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.x86_64

Name:	ipa-client-epn
Version:	4.9.13
Release:	12.0.2.module+el8.10.0+90388+5c50e971
Architecture:	x86_64
Module:	idm:DL1:8100020240815073148:10
Group:	System Environment/Base
Size:	50079
License:	GPLv3+
RPM:	ipa-client-epn-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.x86_64.rpm
Source RPM:	ipa-4.9.13-12.0.2.module+el8.10.0+90388+5c50e971.src.rpm
Build Date:	Thu Aug 15 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.freeipa.org/
Summary:	Tools to configure Expiring Password Notification in IPA
Description:	This package provides a service to collect and send expiring password notifications via email (SMTP).

Changelog (Show File list) (Show related packages)

Wed Aug 14 2024 David Sloboda <david.x.sloboda@oracle.com> - 4.9.13-12.0.2
```
- Rebuild
```

Wed Aug 14 2024 EL Errata <el-errata_ww@oracle.com> - 4.9.13-12.0.1

- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]

Wed Jul 17 2024 Rafael Jeffman <rjeffman@redhat.com> - 4.9.13-9

- Allow the admin user to be disabled
  Resolves: RHEL-34756
- ipa-otptoken-import: open the key file in binary mode
  Resolves: RHEL-39616
- ipa-crlgen-manage: manage the cert status task execution time
  Resolves: RHEL-30280
- idrange-add: add a warning because 389ds restart is required
  Resolves: RHEL-28996
- PKINIT certificate: fix renewal on hidden replica
  Resolves: RHEL-4913, RHEL-45908

Wed Jun 12 2024 Julien Rische <jrische@redhat.com> - 4.9.13-11

- Add missing part of backported CVE-2024-3183 fix
  Resolves: RHEL-29927

Tue Apr 30 2024 Julien Rische <jrische@redhat.com> - 4.9.13-10

- kdb: apply combinatorial logic for ticket flags (CVE-2024-3183)
  Resolves: RHEL-29927
- kdb: fix vulnerability in GCD rules handling (CVE-2024-2698)
  Resolves: RHEL-29692

Fri Apr 12 2024 Rafael Jeffman <rjeffman@redhat.com> - 9.4.13-9

- dcerpc: invalidate forest trust intfo cache when filtering out realm domains
  Resolves: RHEL-28559
- Backport latests test fixes in python3-tests
  ipatests: add xfail for autoprivate group test with override
  ipatests: remove xfail thanks to sssd 2.9.4
  ipatests: adapt for new automembership fixup behavior
  ipatests: Fixes for test_ipahealthcheck_ipansschainvalidation testcases
  test_xmlrpc: adopt to automember plugin message changes in 389-ds
  Resolves: RHEL-29908

Thu Mar 07 2024 Rafael Jeffman <rjeffman@redhat.com> - 4.9.13-8

- rpcserver: validate Kerberos principal name before running kinit
  Resolves: RHEL-26153
- Vault: add additional fallback to RSA-OAEP wrapping algo
  Resolves: RHEL-28259

Tue Feb 20 2024 Julien Rische <jrische@redhat.com> - 4.9.13-7

- ipa-kdb: Fix double free in ipadb_reinit_mspac()
  Resolves: RHEL-25742
- kra: set RSA-OAEP as default wrapping algo when FIPS is enabled
  Resolves: RHEL-12153
- Vault: improve vault server archival/retrieval calls error handling
  Resolves: RHEL-12153
- Vault: add support for RSA-OAEP wrapping algo
  Resolves: RHEL-12153

Fri Feb 16 2024 Julien Rische <jrische@redhat.com> - 4.9.13-6

- ipa-kdb: Rework ipadb_reinit_mspac()
  Resolves: RHEL-25742
- ipatests: wait for replica update in test_dns_locations
  Resolves: RHEL-22373
- ipatests: fix tasks.wait_for_replication() method
  Resolves: RHEL-25708

Tue Feb 13 2024 Rafael Jeffman <rjeffman@redhat.com> - 4.9.13-5

- kdb: PAC generator: do not fail if canonical principal is missing
  Resolves: RHEL-23630
- ipa-kdb: Fix memory leak during PAC verification
  Resolves: RHEL-22644
- Fix session cookie access
  Resolves: RHEL-23622
- Do not ignore staged users in sidgen plugin
  Resovlves: RHEL-23626
- ipa-kdb: Disable Bronze-Bit check if PAC not available
  Resolves: RHEL-22313
- krb5kdc: Fix start when pkinit and otp auth type are enabled
  Resolves: RHEL-4874
- hbactest was not collecting or returning messages
  Resolves: RHEL-12780