Commit Graph

70 Commits

Author SHA1 Message Date
Florence Blanc-Renaud
ea1a342fa7 ipa-4.12.2-4
- Bump release for rebuild

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-11-04 08:44:38 +01:00
Florence Blanc-Renaud
4766b53190 ipa-4.12.2-3
- Resolves: RHEL-61642 Uninstall ACME separately during PKI uninstallation

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-10-29 15:29:05 +01:00
Florence Blanc-Renaud
c8a18bb46d ipa-4.12.2-2
- Related: RHEL-59788 Rebase Samba to the latest 4.21.x release
- Fixes: RHEL-61642 Uninstall ACME separately during PKI uninstallation
- Fixes: RHEL-56963 SSSD offline causing test-adtrust-install failure
- Fixes: RHEL-56473 Include latest fixes in python3-ipatests packages
- Fixes: RHEL-48104 Default hbac rules are duplicated on remote server post ipa-migrate in prod-mode
- Fixes: RHEL-45330 [RFE] add a tool to quickly detect and fix issues with IPA ID ranges
- Fixes: RHEL-40376 SID generation task is failing when SELinux is in Enforcing mode
- Fixes: RHEL-4915 Last expired OTP token would be c

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-10-21 19:24:16 +02:00
Florence Blanc-Renaud
9b3c30c71b ipa-4.12.2-1
- Resolves: RHEL-54546 Covscan issues: Resource Leak
- Resolves: RHEL-49602 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w
- Resolves: RHEL-40359 With unreachable AD, ipa trust returns an internal error

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-08-22 09:01:34 +02:00
Florence Blanc-Renaud
3979c73861 ipa-4.12.0-7
- Resolves: RHEL-53500 adtrustinstance only prints issues in check_inst() and does not log them
- Resolves: RHEL-52306 Unconditionally add MS-PAC to global config
- Resolves: RHEL-52300 RFE - Keep the configured value for the "nsslapd-ignore-time-skew" after a "force-sync"
- Resolves: RHEL-52222 ipa-replica/server-install with softhsm needs to check permission/ownership of /var/lib/softhsm/tokens to avoid install failure
- Resolves: RHEL-51944 Include latest fixes in python3-ipatests packages
- Resolves: RHEL-50804 ipa-migrate -Z with invalid cert options fails with 'ValueError: option error'
- Resolves: RHEL-49602 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w
- Resolves: RHEL-27856 'Unable to log in as uid=admin-replica.testrealm.test,ou=people,o=ipaca' during replica install

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-08-08 16:27:46 +02:00
Florence Blanc-Renaud
8b6d847e67 ipa-4.12.0-6
- Resolves: RHEL-47292 Include latest fixes in python3-ipatests packages
- Resolves: RHEL-47146 Syntax error uninstalling the selinux-luna subpackage
- Resolves: RHEL-46009 ipa-migrate with -Z option fails with ValueError: option error
- Resolves: RHEL-46003 ipa-migrate -V options fails to display version
- Resolves: RHEL-45463 ipa-migrate stage-mode is failing with error: Modifying a mapped attribute in a managed entry is not allowed
- Resolves: RHEL-40890 ipa-server-install: token_password_file read in kra.install_check after calling hsm_validator in ca.install_check
- Resolves: RHEL-40661 Adjust "ipa config-mod --addattr ipaconfigstring=EnforceLDAPOTP" to allow for non OTP users in some cases

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-07-18 14:25:55 +02:00
Florence Blanc-Renaud
d0ca280108 ipa-4.12.0-5
- Resolves: RHEL-37285 IPA Web UI not showing replication agreement for non-admin users
- Resolves: RHEL-42703 PSKC.xml issues with ipa_otptoken_import.py
- Resolves: RHEL-41194 ipa-client rpm post script creates always ssh_config.orig even if nothing needs to be changed
- Resolves: RHEL-39477 kdc.crt certificate not getting automatically renewed by certmonger in IPA Hidden replica
- Resolves: RHEL-46559 Include latest fixes in python3-ipatests packages
- Resolves: RHEL-22188 [RFE] Allow IPA SIDgen task to continue if it finds an entity that SID can't be assigned to

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-07-08 18:35:11 +02:00
Julien Rische
29fb2ea8fd ipa-4.12.0-4
- Resolves: RHEL-29928 freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
- Resolves: RHEL-29691 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service

Signed-off-by: Julien Rische <jrische@redhat.com>
2024-06-10 18:18:25 +02:00
Florence Blanc-Renaud
3e4c75a7b3 ipa-4.12.0-3
- Related: RHEL-34809
temporarily revert a commit that depends on newer version of python-jwcrypto

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-06-05 15:07:32 +02:00
Florence Blanc-Renaud
86ca9218d9 ipa-4.12.0-2
- Resolves: RHEL-39950 ipa-client can't be installed because of a missing dependency

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-06-04 16:06:30 +02:00
Florence Blanc-Renaud
b4517960e4 ipa-4.12.0-1
- Resolves: RHEL-39140 Rebase ipa to the latest 4.12 version for RHEL 9.5
- Resolves: RHEL-34757 The change for preventing deletion of the admin user caused a regression in disable
- Resolves: RHEL-30553 Depend on nfsv4-client-utils or nfs-utils
- Resolves: RHEL-29762 IPA sidgen fails to create SID for manually set ID for a new range [rhel-9.5.0]
- Resolves: RHEL-26261 Fix replica connection check for use with AD administrator
- Resolves: RHEL-18062 ipa ca-show NAME --certificate-out=file creates empty file when NAME does not exist
- Resolves: RHEL-12149 traceback in ipaserver/dcerpc.py
- Resolves: RHEL-4810 [RFE] FreeIPA-to-FreeIPA migration
- Resolves: RHEL-4807 [RFE] Support in IPA for HSM boxes

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-05-29 19:24:35 +02:00
Florence Blanc-Renaud
c5c70da9d0 ipa-4.11.0-11
- Related: RHEL-33645 - Update samba to version 4.20.0

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-04-30 08:48:31 +02:00
Florence Blanc-Renaud
7507e52258 ipa-4.11.0-10
- Resolves: RHEL-23377 Enforce OTP for ldap bind (in some scenarios)
- Resolves: RHEL-29745 Unable to re-add broken AD trust - NT_STATUS_INVALID_PARAMETER
- Resolves: RHEL-30905 Backport latest test fixes in ipa
2024-03-29 14:53:47 +01:00
Florence Blanc-Renaud
0c468af06a ipa-4.11.0-9
- Resolves: RHEL-28258 vault fails on non-fips client if server is in FIPS mode
- Resolves: RHEL-26154 ipa: freeipa: specially crafted HTTP requests potentially lead to DoS or data exposure

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-03-07 16:38:49 +01:00
Florence Blanc-Renaud
a727d75b87 ipa-4.11.0-8
- Resolves: RHEL-12143 'ipa vault-add is failing with ipa: ERROR: an internal error has occurred in FIPS mode
- Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-02-20 19:02:57 +01:00
Florence Blanc-Renaud
7389b56a67 ipa-4.11.0-7
- Resolves: RHEL-25260 tier-1-upstream-dns-locations failed on RHEL8.8 gating
- Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available
- Resolves: RHEL-25815 Backport latest test fixes in python3-ipatests

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-02-16 11:36:47 +01:00
Florence Blanc-Renaud
13b7686650 ipa-4.11.0-6
- Resolves: RHEL-23627 IPA stops working if HTTP/... service principal was created before FreeIPA 4.4.0 and never modified
- Resolves: RHEL-23625 sidgen plugin does not ignore staged users
- Resolves: RHEL-23621 session cookie can't be read
- Resolves: RHEL-22372 Gating-DL1 test failure in test_integration/test_dns_locations.py::TestDNSLocations::()::test_ipa_ca_records
- Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix
- Resolves: RHEL-17996 Memory leak in IdM's KDC

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-02-09 12:03:31 +01:00
Florence Blanc-Renaud
e57a97aa67 ipa-4.11.0-5
- Resolves: RHEL-12589 ipa: Invalid CSRF protection
- Resolves: RHEL-19748 ipa hbac-test did not report that it hit an arbitrary search limit
- Resolves: RHEL-21059 'DogtagCertsConfigCheck' fails, displaying the error message 'Malformed directive: ca.signing.certnickname=caSigningCert cert-pki-ca'
- Resolves: RHEL-21804 ipa client 4.10.2 - Failed to obtain host TGT
- Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix
- Resolves: RHEL-21810 ipa-client-install --automount-location does not work
- Resolves: RHEL-21811 Handle change in behavior of pki-server ca-config-show in pki 11.5.0
- Resolves: RHEL-21812 Backport latest test fixes in ipa
- Resolves: RHEL-21813 krb5kdc fails to start when pkinit and otp auth type is enabled in ipa
- Resolves: RHEL-21815 IPA 389ds plugins need to have better logging and tracing
- Resolves: RHEL-21937 Make sure a default NetBIOS name is set if not passed in by ADTrust instance constructor

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2024-01-18 17:08:12 +01:00
Florence Blanc-Renaud
6a71086391 ipa-4.11.0-4
- Resolves: RHEL-16985 Handle samba 4.19 changes in samba.security.dom_sid()

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-12-01 17:12:39 +01:00
Florence Blanc-Renaud
1c59d31bde ipa-4.11.0-3
- Resolves: RHEL-14428 healthcheck reports nsslapd-accesslog-logbuffering is set to 'off'

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-11-20 10:48:30 +01:00
Florence Blanc-Renaud
80c7b3b6fc ipa-4.11.0-2
- Resolves: RHEL-14292 Backport latest test fixes in python3-ipatests
- Resolves: RHEL-15443 Server install: failure to install with externally signed CA because of timezone issue
- Resolves: RHEL-15444 Minimum length parameter in pwpolicy cannot be removed with empty string
- Resolves: RHEL-14842 Upstream xmlrpc tests are failing in RHEL9.4

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-11-06 17:15:36 +01:00
Florence Blanc-Renaud
7cca66eef5 ipa-4.11.0-1
- Resolves: RHEL-11652 Rebase ipa to latest 4.11.x version for RHEL 9.4
2023-10-06 10:59:48 +02:00
Florence Blanc-Renaud
6ef486fbd4 ipa-4.10.2-4
- Resolves: rhbz#2231847 RHEL 8.8 & 9.2 fails to create AD trust with STIG applied
- Resolves: rhbz#2232056 Include latest test fixes in python3-ipatests

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-08-17 15:23:04 +02:00
Florence Blanc-Renaud
02ac1c9481 ipa-4.10.2-3
- Resolves: rhbz#2229712 Delete operation protection for admin user
- Resolves: rhbz#2227831 Interrupt request processing in ipadb_fill_info3() if connection to 389ds is lost
- Resolves: rhbz#2227784 libipa_otp_lasttoken plugin memory leak
- Resolves: rhbz#2224570 Improved error messages are needed when attempting to add a non-existing idp to a user
- Resolves: rhbz#2230251 Backport latest test fixes to python3-ipatests

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-08-10 08:36:05 +02:00
Florence Blanc-Renaud
466d149b0e ipa-4.10.2-2
- Resolves: rhbz#2192969 Better handling of the command line and web UI cert search and/or list features
- Resolves: rhbz#2214933 Uninstalling of the IPA server is encountering a failure during the unconfiguration of the CA (Unconfiguring CA)
- Resolves: rhbz#2216114 After updating the RHEL from 8.7 to 8.8, IPA services fails to start
- Resolves: rhbz#2216549 Upgrade to 4.9.10-6.0.1 fails: attributes are managed by topology plugin
- Resolves: rhbz#2216611 Backport latest test fixes in python3-ipatests
- Resolves: rhbz#2216872 User authentication failing on OTP validation using multiple tokens, succeeds with password only

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-06-29 10:40:49 +02:00
Florence Blanc-Renaud
0113f2748f ipa-4.10.2-1
- Resolves: rhbz#2196426 [Rebase] Rebase ipa to latest 4.10.x release for RHEL 9.3
- Resolves: rhbz#2192969 Better handling of the command line and web UI cert search and/or list features
- Resolves: rhbz#2192625 Better catch of the IPA web UI event "IPA Error 4301:CertificateOperationError", and IPA httpd error CertificateOperationError
- Resolves: rhbz#2188567 IPA client Kerberos configuration incompatible with java
- Resolves: rhbz#2182683 Tolerate absence of PAC ticket signature depending of domain and servers capabilities [rhel-9]
- Resolves: rhbz#2180914 Sequence processing failures for group_add using server context
- Resolves: rhbz#2165880 Add RBCD support to IPA
- Resolves: rhbz#2160399 get_ranges - [file ipa_sidgen_common.c, line 276]: Failed to convert LDAP entry to range struct

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-06-06 17:20:03 +02:00
Florence Blanc-Renaud
86091b593d ipa-4.10.1-6
- Resolves: rhbz#2169632 Backport latest test fixes in python3-ipatests

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-02-22 11:56:15 +01:00
Florence Blanc-Renaud
00abb6c62b ipa-4.10.1-5
- Resolves: rhbz#2162656 Passwordless (GSSAPI) SSH not working for subdomain
- Resolves: rhbz#2166326 Removing the last DNS type for ipa-ca does not work
- Resolves: rhbz#2167473 RFE - Add a warning note about possible performance impact of the Auto Member rebuild task
- Resolves: rhbz#2168244 requestsearchtimelimit=0 doesn't seems to be work with ipa-acme-manage pruning command

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-02-13 16:22:35 +01:00
Florence Blanc-Renaud
d5f3f77077 ipa-4.10.1-4
- Resolves: rhbz#2161284 'ERROR Could not remove /tmp/tmpbkw6hawo.ipabkp' can be seen prior to 'ipa-client-install' command was successful
- Resolves: rhbz#2164403 ipa-trust-add with --range-type=ipa-ad-trust-posix fails while creating an ID range
- Resolves: rhbz#2162677 RFE: Implement support for PKI certificate and request pruning
- Resolves: rhbz#2167312 - Backport latest test fixes in python3-ipatests

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2023-02-06 09:12:53 +01:00
Alexander Bokovoy
f7ee6e148d Rebuild against krb5 1.20.1 ABI
Resolves: rhbz#2155425

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2022-12-22 10:09:15 +02:00
Florence Blanc-Renaud
7faaf4f321 ipa-4.10.1-2
- Resolves: rhbz#2148887 MemberManager with groups fails
- Resolves: rhbz#2150335 idm:client is missing dependency on krb5-pkinit

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2022-12-09 14:31:00 +01:00
Florence Blanc-Renaud
b01c9f88f3 ipa-4.10.1-1
- Resolves: rhbz#2141315
[Rebase] Rebase ipa to latest 4.10.x release for RHEL 9.2
- Resolves: rhbz#2094673
ipa-client-install should just use system wide CA store and do not specify TLS_CACERT in ldap.conf
- Resolves: rhbz#2117167
After leapp upgrade on ipa-client ipa-server package installation failed. (`REQ_FULL_WITH_MEMBERS` returns object from wrong domain)
- Resolves: rhbz#2127833
Password Policy Grace login limit allows invalid maximum value
- Resolves: rhbz#2143224
[RFE] add certificate support to ipa-client instead of one time password
- Resolves: rhbz#2144736
vault interoperability with older RHEL systems is broken
- Resolves: rhbz#2148258
ipa-client-install does not maintain server affinity during installation
- Resolves: rhbz#2148379
Add warning for empty targetattr when creating ACI with RBAC
- Resolves: rhbz#2148380
OTP token sync always returns OK even with random numbers
- Resolves: rhbz#2148381
Deprecated feature idnssoaserial in IdM appears when creating reverse dns zones
- Resolves: rhbz#2148382
Introduction of URI records for kerberos breaks location functionality

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2022-11-25 13:43:35 +01:00
Francisco Trivino
0e045611f2 Rebuild against samba-4.17.2
Related: RHBZ#2131993

Signed-off-by: Francisco Trivino <ftrivino@redhat.com>
2022-11-03 19:50:52 +01:00
Rafael Guterres Jeffman
8fd756106e ipa-4.10.0-7
- Resolves: rhbz#2124547
  Resolves: rhbz#2137555
  Attempt to log in as "root" user with admin's password in Web UI does not properly fail

Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
2022-10-25 10:51:20 -03:00
Florence Blanc-Renaud
caae578990 ipa-4.10.0-6
- Resolves: rhbz#2110014
  ldap bind occurs when admin user changes password with gracelimit=0
- Resolves: rhbz#2112901
  RFE: Allow grace login limit to be set in IPA WebUI
- Resolves: rhbz#2115495
  group password policy by default does not allow grace logins
- Resolves: rhbz#2116966
  ipa-replica-manage displays traceback: Unexpected error: 'bool' object has no attribute 'lower'
2022-08-19 17:02:13 +02:00
Francisco Trivino
c4b1dec10b Rebuild for samba-4.16.3-101.el9
ipa-4.10.0-5
  - Resolves: rhbz#2109645

Rebuild due to Samba rebase to the the latest 4.16.x release

side-tag: c9s-build-side-652-stack-gate

Signed-off-by: Francisco Trivino <ftrivino@redhat.com>
2022-07-28 12:49:04 +02:00
Francisco Trivino
aec008c1b3 Rebuild for samba-4.16.3-100.el9
ipa-4.10.0-4
- Resolves: rhbz#2109645
  Rebuild due to Samba rebase to the the latest 4.16.x release

side-tag: c9s-build-side-652-stack-gate

Signed-off-by: Francisco Trivino <ftrivino@redhat.com>
2022-07-22 16:48:49 +02:00
Florence Blanc-Renaud
d94f3829f4 ipa-4.10.0-3
- Resolves: rhbz#2105294
  IdM WebUI Pagination Size should not allow empty value

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2022-07-15 13:12:46 +02:00
Florence Blanc-Renaud
f569c41e74 ipa-4.10.0-2
- Resolves: rhbz#2091988
  [RFE] Add code to check password expiration on ldap bind
2022-06-30 16:22:52 +02:00
Florence Blanc-Renaud
bb4db90d38 ipa-4.10.0-1
- Resolves: rhbz#747959
  [RFE] Support random serial numbers in IPA certificates
- Resolves: rhbz#2100227
  [UX] Preserving a user account produces output saying it was deleted
2022-06-30 09:33:47 +02:00
Florence Blanc-Renaud
e6c101f535 ipa-4.9.10-1
- Resolves: rhbz#2079469 [Rebase] Rebase ipa to latest 4.9.x release
- Resolves: rhbz#2012911 named journalctl logs shows 'zone testrealm.test/IN: serial (serialnumber) write back to LDAP failed.'
- Resolves: rhbz#2069202 [RFE] add support for authenticating against external IdP services using OAUTH2 preauthenticaiton mechanism provided by SSSD
- Resolves: rhbz#2083218 ipa-dnskeysyncd floods /var/log/messages with DEBUG messages
- Resolves: rhbz#2089750 RFE: Improve error message with more detail for ipa-replica-install command
- Resolves: rhbz#2091988 [RFE] Add code to check password expiration on ldap bind
- Resolves: rhbz#2094400 [RFE] ipa-client-install should provide option to enable subid: sss in /etc/nsswitch.conf
- Resolves: rhbz#2096922 secret in ipa-pki-proxy.conf is not changed if new requiredSecret value is present in /etc/pki/pki-tomcat/server.xml
2022-06-17 10:55:11 +02:00
Florence Blanc-Renaud
6ed32726f7 ipa-4.9.8-8
- Resolves: rhbz#2067971 Consequences of FIPS crypto policy tightening in RHEL 9
2022-04-06 18:08:01 +02:00
Florence Blanc-Renaud
db00e46a5c ipa-4.9.8-7
- Resolves: rhbz#2067971 Consequences of FIPS crypto policy tightening in RHEL 9
2022-03-24 08:35:50 +01:00
Florence Blanc-Renaud
9b88d4c513 ipa-4.9.8-6
- Resolves: rhbz#2057467 Backport latest test fixes in python3-ipatests

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2022-02-24 17:15:11 +01:00
Alexander Bokovoy
c728f32d9b add IPA test suite fixes
Resolves: rhbz#2053025

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2022-02-14 17:11:23 +02:00
Alexander Bokovoy
0384e3429f fix memory leak in CLDAP responder
Resolves: rhbz#2053586

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2022-02-14 15:09:07 +02:00
Florence Blanc-Renaud
c7bf31948f ipa-4.9.8-3
- Resolves: rhbz#2050540 Unable to join RHEL 8.5 Replica to RHEL 7.9 Master for migration purposes
- Resolves: rhbz#2051582 Enable ipa-ccache-sweep.timer during server installation
- Resolves: rhbz#2051844 ipa-join tests are failing due to changes in expected output

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
2022-02-11 15:04:45 +01:00
Florence Blanc-Renaud
b412308f26 ipa-4.9.8-2
- Resolves: rhbz#2040619 - Changing default pac type to 'nfs:NONE and MS-PAC' doesnot display error 'ipa: ERROR: no modifications to be performed'
- Resolves: rhbz#2048510 - [rhel-9.0] Backport latest test fixes in python3-ipatests
- Resolves: rhbz#2049104 - User can't log in after ipa-user-mod --user-auth-type=hardened
- Resolves: rhbz#2049174 - KRA GetStatus service blocked by IPA proxy
2022-02-03 09:21:01 +01:00
Florence Blanc-Renaud
103dc90372 Update rpminspect's annocheck policy
annocheck is now using "hardened" policy both for rhel and centos.
Override the options for "hardened" instead of "rhel-policy".
2022-01-25 17:26:51 +01:00
Florence Blanc-Renaud
b28fca276d Remove old patches
- Resolves: rhbz#2015608 - [Rebase] Rebase ipa to latest 4.9.x release RHEL9
2021-12-03 09:34:04 +01:00