Adam Williamson
bc9c19ace8
Merge branch 'master' into f27
2017-09-13 10:19:58 -07:00
Adam Williamson
5376c6da20
Backport fixes for a couple more critical F27 Beta issues
2017-09-13 09:48:02 -07:00
Adam Williamson
74fd0309b7
Merge branch 'master' into f27
...
tkrizek sent the 4.6.0 bump commit to master and f27 branches with
different commit IDs for some reason, merging back together with
the 4.6.0-2 changes.
2017-09-06 08:28:53 -07:00
Adam Williamson
6f0885e4fd
Backport fix for #1488640 , BuildRequires diffstat
2017-09-06 08:28:43 -07:00
Adam Williamson
f2fe300436
Backport fix for #1488640 , BuildRequires diffstat
2017-09-06 08:19:08 -07:00
Tomas Krizek
c32989f9b1
4.6.0-1: rebase to upstream 4.6.0
...
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-09-04 14:09:28 +02:00
Tomas Krizek
4403f2b6fc
4.6.0-1: rebase to upstream 4.6.0
...
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-09-04 13:49:25 +02:00
Fedora Release Engineering
a8d1e96588
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
2017-08-02 20:46:40 +00:00
Fedora Release Engineering
dfcf49a987
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
2017-07-26 08:44:20 +00:00
Tomas Krizek
4e8781975d
4.5.3-1: Update to upstream 4.5.3
...
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-07-21 16:31:34 +02:00
Alexander Bokovoy
fe61781bfa
Make sure tmpfiles.d snippet is in place after replica install
2017-07-13 10:34:49 +03:00
Alexander Bokovoy
ed08e3296d
Increase Java stack size to 16m
...
ppc64-le builds fail with a crash when running Rhino to compile js code.
In past such failures were associated with inadequate Java stack size.
Test this idea with a larger stack size.
2017-07-10 12:30:58 +03:00
Alexander Bokovoy
8fa3823f90
Fix build with Samba 4.7.0-RC1
2017-07-10 09:56:04 +03:00
Alexander Bokovoy
64e5d5a656
Fix build with Samba 4.7.0-RC1
2017-07-10 09:55:28 +03:00
Tomas Krizek
71dac404bd
fix ip address checks and python-netifaces
...
Important patches that will be part of 4.5.3 release.
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-06-20 14:33:05 +02:00
Tomas Krizek
eefef33439
Update to upstream 4.5.2
...
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-06-18 20:09:59 +02:00
Tomas Krizek
c72eb707b4
Update to upstream 4.5.1
2017-05-25 15:11:33 +02:00
Tomas Krizek
1a7895e56c
4.4.4-2 bugfixes
...
- Fixes #1448049 Subpackage freeipa-server-common has unmet dependencies on Rawhide
- Fixes #1430247 FreeIPA server deployment runs ipa-custodia on Python 3, should use Python 2
- Fixes #1446744 python2-ipaclient subpackage does not own %{python_sitelib}/ipaclient/plugins
- Fixes #1440525 surplus 'the' in output of `ipa-adtrust-install`
- Fixes #1411810 ipa-replica-install fails with 406 Client Error
- Fixes #1405814 ipa plugins: ERROR an internal error occured
2017-05-23 12:36:52 +02:00
Tomas Krizek
0cfff8c8ae
Update to upstream 4.4.4
2017-03-24 14:27:06 +01:00
Alexander Bokovoy
ffb418a5d6
Use different method to keep /usr/bin/ipa on Python 2
...
Fixes #1426847 - cannot upgrade freeipa-client on rawhide
Thanks to Petr Viktorin for coming up with the change
2017-03-01 08:12:37 +02:00
Tomas Krizek
09bdd29080
4.4.3-7
...
- Fixes #1413137 CVE-2017-2590 ipa: Insufficient permission check for
ca-del, ca-disable and ca-enable commands
2017-02-27 14:21:48 +01:00
Alexander Bokovoy
3f4b03b412
Rebuild to pick up system-python dependency change
...
Fixes #1426847 -- Cannot upgrade freeipa-client on rawhide
2017-02-27 10:36:26 +02:00
Tomas Krizek
99f783444d
Add support for KRB DAL 6.1 and bind-dyndb-ldap 11.0
2017-02-15 15:48:51 +01:00
Fedora Release Engineering
8a7de36eea
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
2017-02-10 10:00:13 +00:00
Igor Gnatenko
11f9ba7934
Rebuild for xmlrpc-c
...
Signed-off-by: Igor Gnatenko <ignatenko@redhat.com>
2017-01-21 14:50:01 +01:00
Miro Hrončok
53083d6830
Rebuild for Python 3.6
2016-12-22 13:08:41 +01:00
Petr Vobornik
2bb85d3432
use SHA512 in sources
2016-12-16 21:20:59 +01:00
Pavel Vomacka
f573742499
Update to upstream 4.4.3
2016-12-16 21:14:48 +01:00
Pavel Vomacka
d3389e055a
4.4.2-4: CVE-2016-9575, CVE-2016-7030
...
Fixes 1395311 - CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod
Fixes 1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services
by abusing password policy
2016-12-14 22:19:06 +01:00
Petr Vobornik
26b01c4688
Fix bz 1389866
...
Support DAL version 5 and version 6 in KDB driver
https://bugzilla.redhat.com/show_bug.cgi?id=1389866
2016-11-29 10:22:46 +01:00
Petr Vobornik
064dc19e83
Rebuild against krb5-1.15
...
fixes : #1387460
2016-10-21 23:54:12 +02:00
Petr Vobornik
d16eb0d756
Update to upstream 4.4.2
2016-10-13 18:19:53 +02:00
Alexander Bokovoy
070313822d
Add changelog
2016-09-01 18:16:29 +03:00
Alexander Bokovoy
5f5010dd71
Update SELinux execmem workaround
...
dcerpc crypto changes were merged upstream
2016-09-01 17:05:35 +03:00
Alexander Bokovoy
64545c1505
Update sources
2016-09-01 16:52:24 +03:00
Alexander Bokovoy
47a0c67ac7
Update to upstream 4.4.1 release
2016-09-01 16:47:48 +03:00
Petr Vobornik
6b7ae28924
4.3.2-2: CVE-2016-5404
2016-08-19 15:14:46 +02:00
Petr Vobornik
56944c4963
Update to upstream 4.3.2
2016-07-22 18:08:20 +02:00
Petr Vobornik
a76abac86e
Fix typo in SELinux 'execmem' denials fix
...
According to https://fedorahosted.org/freeipa/ticket/5442#comment:7
2016-07-22 18:06:47 +02:00
Fedora Release Engineering
8b518cbb8f
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
2016-07-19 07:06:29 +00:00
Petr Vobornik
1e163887b2
Rebase 0001-Workarounds-for-SELinux-execmem-violations-in-crypto.patch
2016-03-24 16:43:12 +01:00
Petr Vobornik
ffe6f461b2
Update to upstream 4.3.1
2016-03-24 16:21:34 +01:00
Petr Vobornik
21c82e0cbb
fix build with Samba 4.4
...
- Fix build with Samba 4.4
- Update SELinux requires to fix connection check during installation
2016-02-04 12:18:14 +01:00
Dennis Gilmore
101663ab3b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
2016-02-03 20:46:39 +00:00
Petr Vobornik
f43314092f
spec: do not require arch specific ipalib package from noarch packages
...
noarch packages should not contain:
Requires: some-package-{?_isa}
2016-01-19 18:53:41 +01:00
Petr Vobornik
b2442d51ba
Workarounds for SELinux execmem violations in crypto
2015-12-18 17:48:36 +01:00
Petr Vobornik
00828c7569
Update to upstream 4.3.0
2015-12-18 17:48:36 +01:00
Petr Vobornik
a33b200323
Workarounds for SELinux execmem violations in cryptography
...
ipaserver.dcerpc uses M2Crypto again on Python 2.7 and Dogtag's
pki.client no longer tries to use PyOpenSSL instead of Python's ssl
module.
Some dependencies like Dogtag's pki.client library and custodia use
python-requsts to make HTTPS connection. python-requests prefers
PyOpenSSL over Python's stdlib ssl module. PyOpenSSL is build on top
of python-cryptography which trigger a execmem SELinux violation
in the context of Apache HTTPD (httpd_execmem).
When requests is imported, it always tries to import pyopenssl glue
code from urllib3's contrib directory. The import of PyOpenSSL is
enough to trigger the SELinux denial.
A hack in wsgi.py prevents the import by raising an ImportError.
2015-12-08 21:28:39 +01:00
Petr Vobornik
efcb307b47
Update to upstream 4.2.3
2015-11-02 19:58:16 +01:00
Alexander Bokovoy
5e5a1f4339
Rebuild against krb5 1.14
2015-10-21 19:45:51 +03:00