Commit Graph

63 Commits

Author SHA1 Message Date
Alexander Bokovoy
504c0ac7cd New upstream security release 4.8.3 2019-11-26 16:17:22 +02:00
Rob Crittenden
1463c20af5 Update to 4.8.2
- Replace %%{_libdir} macro in BuildRequires (#1746882)
- Restore user-nsswitch.conf before calling authselect (#1746557)
- ipa service-find does not list cifs service created by
  ipa-client-samba (#1731433)
- Occasional 'whoami.data is undefined' error in FreeIPA web UI
  (#1699109)
- ipa-kra-install fails due to fs.protected_regular=1 (#1698384)
2019-11-12 14:45:10 -05:00
Alexander Bokovoy
d3d8a98ebf Update to FreeIPA 4.8.1 2019-08-14 18:55:41 +03:00
Alexander Bokovoy
5eefa180c1 FreeIPA 4.8.0 release 2019-07-03 10:36:06 +03:00
Alexander Bokovoy
7d9a415144 First release candidate for FreeIPA 4.8.0 2019-04-29 22:40:13 +03:00
Alexander Bokovoy
43f492d125 Update sources to FreeIPA 4.7.2 2018-12-03 13:35:57 +02:00
Rob Crittenden
c3d08f1176 Update to upstream 4.7.1 2018-10-05 15:51:43 -04:00
Thomas Woerner
f6a1c1b62c Update to upstream 4.7.0
- New BuildRequires for nodejs and uglify-js
- New Requires for 389-ds-base-legacy-tools in server (RHBZ#1606541)
- Do not build python2-ipaserver and python2-ipatests for Fedora 29 and up
- Do not build any python2 packages for Fedora 30
- Added ipatest man pages to python3-ipatests packages also
- Added ipatest bindir links to python3-ipatests for Fedora up to 28
- Dropped explicit copy of freeipa.template, install is doing this now
- Added upstream fix: (f3faecb) Fix $-style format string in ipa_ldap_init
- Added upstream fix: (4b592fe,1a7baa2) Added reason to raise of errors.NotFound
2018-07-26 14:15:24 +02:00
Rob Crittenden
baaf4e605c Update to upstream 4.6.90.pre2
Resolves: #1562606
2018-05-15 16:22:52 -04:00
Rob Crittenden
b80b146ad3 Update sources with tarball and signature 2018-03-16 14:06:50 -04:00
Rob Crittenden
a416470bc5 4.6.3-1: rebase to upstream 4.6.3 2018-01-31 12:03:52 -05:00
Tomas Krizek
c777305290
4.6.1-1: rebase to upstream 4.6.1
- Fixes #1491053  Firefox reports insecure TLS configuration when visiting
  FreeIPA web UI after standard server deployment

Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-09-22 13:49:57 +02:00
Tomas Krizek
c32989f9b1
4.6.0-1: rebase to upstream 4.6.0
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-09-04 14:09:28 +02:00
Tomas Krizek
4e8781975d
4.5.3-1: Update to upstream 4.5.3
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-07-21 16:31:34 +02:00
Tomas Krizek
eefef33439
Update to upstream 4.5.2
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-06-18 20:09:59 +02:00
Tomas Krizek
c72eb707b4
Update to upstream 4.5.1 2017-05-25 15:11:33 +02:00
Tomas Krizek
0cfff8c8ae
Update to upstream 4.4.4 2017-03-24 14:27:06 +01:00
Pavel Vomacka
f573742499 Update to upstream 4.4.3 2016-12-16 21:14:48 +01:00
Petr Vobornik
d16eb0d756 Update to upstream 4.4.2 2016-10-13 18:19:53 +02:00
Alexander Bokovoy
64545c1505 Update sources 2016-09-01 16:52:24 +03:00
Petr Vobornik
56944c4963 Update to upstream 4.3.2 2016-07-22 18:08:20 +02:00
Petr Vobornik
ffe6f461b2 Update to upstream 4.3.1 2016-03-24 16:21:34 +01:00
Petr Vobornik
00828c7569 Update to upstream 4.3.0 2015-12-18 17:48:36 +01:00
Petr Vobornik
efcb307b47 Update to upstream 4.2.3 2015-11-02 19:58:16 +01:00
Petr Vobornik
e26c3e5b2a Update to upstream 4.2.2 2015-10-08 14:30:13 +02:00
Petr Vobornik
ece84f751e Update to upstream 4.2.1 2015-09-07 19:01:45 +02:00
Alexander Bokovoy
32b772b3ee Upstream 4.1.4 release to fix CVE-2015-1827 2015-03-26 16:46:20 +02:00
Petr Vobornik
fd86e26a5f Update to upstream 4.1.3
- see http://www.freeipa.org/page/Releases/4.1.3
2015-02-18 18:32:22 +01:00
Petr Vobornik
81defaec91 Update to upstream 4.1.2
- see http://www.freeipa.org/page/Releases/4.1.2
- fix CVE-2014-7850
2014-11-25 14:36:38 +01:00
Petr Vobornik
00870e3919 Update to upstream 4.1.1
- see http://www.freeipa.org/page/Releases/4.1.1
- fix CVE-2014-7828
2014-11-06 14:42:41 +01:00
Petr Vobornik
7ccb103e8e Update to upstream 4.1.0
see http://www.freeipa.org/page/Releases/4.1.0
2014-10-21 19:02:12 +02:00
Petr Viktorin
743ef0138f Update to upstream 4.0.3 - see http://www.freeipa.org/page/Releases/4.0.3 2014-09-12 21:59:09 +02:00
Petr Viktorin
694ce2174a Update to upstream 4.0.1 - see http://www.freeipa.org/page/Releases/4.0.2 2014-09-05 19:56:45 +02:00
Martin Kosek
f08947f751 Update to upstream 4.0.1 2014-07-25 14:14:39 +02:00
Petr Viktorin
92ad420100 Update to upstream 4.0.0
Remove Fedora patches, all are in the upstream release
Remove the freeipa-server-strict package
Update to upstream 4.0.0
2014-07-07 19:25:32 +02:00
Martin Kosek
78bfe5614a Update to upstream 3.3.5 2014-03-28 13:34:35 +01:00
Martin Kosek
9d21232151 3.3.4-1
- Update to upstream 3.3.4
- Install CA anchor into standard location (#928478)
- ipa-client-install part of ipa-server-install fails on reinstall (#1044994)
- Remove mod_ssl workaround (RHEL bug #1029046)
- Enable syncrepl plugin to support bind-dyndb-ldap 4.0
2014-01-28 13:37:46 +01:00
Martin Kosek
e17b01f313 3.3.3-3
Update to upstream 3.3.3, patch merged from F20.

Fix -Werror=format-security errors (#1037070)
2013-12-03 12:10:14 +01:00
Petr Viktorin
3ee1e7d905 Update to upstream 3.3.1 2013-08-29 17:09:48 +02:00
Martin Kosek
8a7e6ad5ed Update to upstream 3.3.0 2013-08-08 15:30:10 +02:00
Martin Kosek
9f9581104f Update to upstream 3.2.2
- Drop freeipa-server-selinux subpackage
- Drop redundant directory /var/cache/ipa/sessions
- Do not create /var/lib/ipa/pki-ca/publish, retain reference as ghost
- Run ipa-upgradeconfig and server restart in posttrans to avoid inconsistency
  issues when there are still old parts of software (like entitlements plugin)
2013-07-18 15:09:09 +02:00
Rob Crittenden
5e12d2ddce Update to upstream 3.2.0 GA
- ipa-client-install fails if /etc/ipa does not exist (#961483)
- Certificate status is not visible in Service and Host page (#956718)
- ipa-client-install removes needed options from ldap.conf (#953991)
- Handle socket.gethostbyaddr() exceptions when verifying hostnames
  (#953957)
- Add triggerin scriptlet to support OpenSSH 6.2 (#953617)
- Require nss 3.14.3-12.0 to address certutil certificate import
  errors (#953485)
- Require pki-ca 10.0.2-3 to pull in fix for sslget and mixed IPv4/6
  environments. (#953464)
- ipa-client-install removes 'sss' from /etc/nsswitch.conf (#953453)
- ipa-server-install --uninstall doesn't stop dirsrv instances
  (#953432)
-   Add requires for openldap-2.4.35-4 to pickup fixed SASL_NOCANON
  behavior for socket based connections (#960222)
- Require libsss_nss_idmap-python
- Add Conflicts on nss-pam-ldapd < 0.8.4. The mapping from uniqueMember
  to member is now done automatically and having it in the config file
  raises an error.
- Add backup and restore tools, directory.
- require at least systemd 38 which provides the journal (we no longer
  need to require syslog.target)
- Update Requires on policycoreutils to 2.1.14-37
- Update Requires on selinux-policy to 3.12.1-42
- Update Requires on 389-ds-base to 1.3.1.0
2013-05-10 12:33:54 -04:00
Martin Kosek
45d13fba45 Update to upstream 3.2.0 Prerelease 1
Spec file was also merged with up-to-date upstream reference spec
file to keep them consistent.
2013-04-02 18:47:49 +02:00
Rob Crittenden
3d64806b7a Update to upstream 3.1.2
- CVE-2012-4546: Incorrect CRLs publishing
- CVE-2012-5484: MITM Attack during Join process
- CVE-2013-0199: Cross-Realm Trust key leak
2013-01-23 17:13:20 -05:00
Rob Crittenden
5e038ec750 Updated to upstream 3.1.0 GA
- Set minimum for sssd to 1.9.2
- Set minimum for pki-ca to 10.0.0-1
- Set minimum for 389-ds-base to 1.3.0
- Set minimum for selinux-policy to 3.11.1-60
- Remove unneeded dogtag package requires
2012-12-10 15:52:46 -05:00
Rob Crittenden
4de47b3304 Updated to upstream 3.0.0 GA
- Set minimum for samba to 4.0.0-153.
- Make sure server-trust-ad subpackage alternates winbind_krb5_locator.so
  plugin to /dev/null since they cannot be used when trusts are configured
- Restrict krb5-server to 1.10.
- Update minimum for 389-ds-base to 1.3.0
- Add directory /var/lib/ipa/pki-ca/publish for CRL published by pki-ca
- Add Requires on zip for generating FF browser extension
2012-10-12 12:02:17 -04:00
Rob Crittenden
8a8da0b567 - Updated to upstream 3.0.0 rc 2
- Include new FF configuration extension
2012-10-09 16:22:06 -04:00
Rob Crittenden
23bbd3f9b4 Updated to upstream 3.0.0 rc 1
- Update BR for 389-ds-base to 1.2.11.14
- Update BR for krb5 to 1.10
- Update BR for samba4-devel to 4.0.0-139 (rc1)
- Add BR for python-polib
- Update Requires on policycoreutils to 2.1.12-5
- Update Requires on 389-ds-base to 1.2.11.14
- Update Requires on selinux-policy to 3.11.1-21
- Update Requires on dogtag to 10.0.0-0.33.a1
- Update Requires on certmonger to 0.60
- Update Requires on tomcat to 7.0.29
- Update minimum version of bind to 9.9.1-10.P3
- Update minimum version of bind-dyndb-ldap to 1.1.0-0.16.rc1
- Remove Requires on authconfig from python sub-package
2012-09-21 16:34:00 -04:00
Rob Crittenden
3c1392be1b Update to upstream 3.0.0 beta 2 2012-08-17 11:31:03 -04:00
Rob Crittenden
a0ca5be798 Update to upstream 3.0.0 beta 1 2012-07-02 15:55:25 -04:00