rpms/ipa
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Commit Graph

  • 398f0e1724 ipa-4.12.2-15 - Resolves: RHEL-67912 Add DNS over TLS Support imports/c10s/ipa-4.12.2-15.el10 c10s Florence Blanc-Renaud 2025-02-12 19:59:14 +0100
  • bbf4afb4a0 ipa-4.12.2-13 - Resolves: RHEL-67913 Add DNS over TLS Support c9s Florence Blanc-Renaud 2025-02-12 19:52:37 +0100
  • 71520c6277 ipa-4.12.2-12 - Resolves: RHEL-78726 ipa-server-install failing on slow hsm Florence Blanc-Renaud 2025-02-11 18:42:06 +0100
  • 38cf0fbb20 ipa-4.12.2-11 - Resolves: RHEL-67913 Add DNS over TLS Support, require bind9.18 32:9.18.29-2 and bind-dyndb-ldap 11.11-1 Thomas Woerner 2025-02-11 18:33:45 +0100
  • 73e3a943d0 ipa-4.12.2-14 - Resolves: RHEL-78766 Include latest fixes in python3-ipatests package - Resolves: RHEL-77965 ipa-server-install failing on slow hsm imports/c10s/ipa-4.12.2-14.el10 Florence Blanc-Renaud 2025-02-11 18:08:52 +0100
  • 837c02b504 ipa-4.12.2-13 - Resolves: RHEL-67912 Add DNS over TLS Support, require bind 32:9.18.33-2 and bind-dyndb-ldap 11.11-1 Thomas Woerner 2025-02-11 17:43:26 +0100
  • ecc1c3ac9d Revert OL changes imports/c9/ipa-4.12.2-1.el9_5.4 c9 eabdullin 2025-02-05 12:47:17 +0300
  • 1b6180a5e1 Import OL ipa-4.12.2-1.0.1.el9_5.4 eabdullin 2025-02-05 12:46:05 +0300
  • 5a34f265f7 ipa-4.12.2-12 - Resolves: RHEL-72580 A slow HSM can cause IPA server installation to fail setting up certificate tracking imports/c10s/ipa-4.12.2-12.el10 Florence Blanc-Renaud 2025-01-28 14:12:51 +0100
  • e62b5538d9 ipa-4.12.2-10 - Resolves: RHEL-73022 A slow HSM can cause IPA server installation to fail setting up certificate tracking Florence Blanc-Renaud 2025-01-28 13:36:13 +0100
  • d45f8dce3d ipa-4.12.2-11 - Resolves: RHEL-75658 Include latest fixes in python3-ipatests package - Resolves: RHEL-74466 kinit with external idp user is failing imports/c10s/ipa-4.12.2-11.el10 Florence Blanc-Renaud 2025-01-22 09:46:51 +0100
  • 85a695e7ee ipa-4.12.2-9 - Resolves: RHEL-74465 kinit with external idp user is failing - Resolves: RHEL-75656 Include latest fixes in python3-ipatests package Florence Blanc-Renaud 2025-01-21 17:55:45 +0100
  • 2609b6f540 Revert OL changes imports/c9/ipa-4.12.2-1.el9_5.3 eabdullin 2025-01-17 09:46:22 +0300
  • 97c1695387 Import OL ipa-4.12.2-1.0.1.el9_5.3 eabdullin 2025-01-17 09:45:37 +0300
  • 84d0312b89 ipa-4.12.2-10 - Resolves: RHEL-72580 A slow HSM can cause IPA server installation to fail setting up certificate tracking - Resolves: RHEL-71964 KRA installation failure caused by a certificate mismatch in NSS DB and configuration file - Resolves: RHEL-71262 Include latest fixes in python3-ipatests package - Resolves: RHEL-67190 CVE-2024-11029 ipa: Administrative user data leaked through systemd journal imports/c10s/ipa-4.12.2-10.el10 Florence Blanc-Renaud 2025-01-16 13:49:29 +0100
  • ed508b4be8 ipa-4.12.2-8 - Resolves: RHEL-73022 A slow HSM can cause IPA server installation to fail setting up certificate tracking [rhel-9] - Resolves: RHEL-71261 [RHEL-9.6] Include latest fixes in python3-ipatests package - Resolves: RHEL-67191 CVE-2024-11029 ipa: Administrative user data leaked through systemd journal [rhel-9.6] - Resolves: RHEL-59040 KRA installation failure caused by a certificate mismatch in NSS DB and configuration file. Florence Blanc-Renaud 2025-01-15 18:19:41 +0100
  • 8570e5b965 - Add ipa-idrange-fix - ipatests: Add missing comma in test_idrange_no_rid_bases_reversed - ipatests: Fixes for ipa-idrange-fix testsuite - Do not let user with an expired OTP token to log in if only OTP is allowed changed/a9/ipa-4.12.2-1.el9_5.2.alma.1 a9 eabdullin 2024-12-23 12:22:37 +0300
  • 85c240179a Merge branch 'c9' into a9 eabdullin 2024-12-23 12:12:06 +0300
  • dd295410e9 Import AL stable eabdullin 2024-12-23 12:11:00 +0300
  • f5a4c403b9 Import from CS git imports/c8-stream-client/ipa-4.9.13-13.el8_10 c8-stream-client eabdullin 2024-12-17 08:58:14 +0000
  • f79c669f55 Import from CS git c8-stream-DL1 imports/c8-stream-DL1/ipa-4.9.13-14.el8_10 eabdullin 2024-12-17 08:57:26 +0000
  • 4c20458190 ipa-4.12.2-7 - Resolves: RHEL-70760 Fix typo in ipa-migrate log file i.e 'Privledges' to 'Privileges' - Resolves: RHEL-70481 ipa-server-upgrade fails after established trust with ad - Resolves: RHEL-69927 add support for python cryptography 44.0.0 - Resolves: RHEL-69908 All user groups are not being included during HSM token validation - Resolves: RHEL-69900 Upgrade to ipa-server-4.12.2-1.el9 OTP-based bind to LDAP without enforceldapotp is broken Florence Blanc-Renaud 2024-12-11 10:47:47 +0100
  • 8f97c76dba ipa-4.12.2-9 - Resolves: RHEL-70759 Fix typo in ipa-migrate log file i.e 'Privledges' to 'Privileges' - Resolves: RHEL-70477 ipa-server-upgrade fails after established trust with ad - Resolves: RHEL-70253 Upgrade to ipa-server-4.12.2-1.el9 OTP-based bind to LDAP without enforceldapotp is broken - Resolves: RHEL-69926 add support for python cryptography 44.0.0 - Resolves: RHEL-69635 All user groups are not being included during HSM token validation imports/c10s/ipa-4.12.2-9.el10 Florence Blanc-Renaud 2024-12-11 09:46:58 +0100
  • 1e38d43370 ipa-4.12.2-8 imports/c10s/ipa-4.12.2-8.el10 Florence Blanc-Renaud 2024-11-27 19:43:17 +0100
  • 644504a963 ipa-4.12.2-6 - Resolves: RHEL-68448 ipa trust-add fails in FIPS mode with an internal error has occurred - Resolves: RHEL-69301 Support GSSAPI in Cockpit on IPA servers Florence Blanc-Renaud 2024-11-27 18:50:12 +0100
  • 9fadb53aa0 ipatests: Update ipa-adtrust-install test stream-idm-DL1-rhel-8.10.0 Rafael Guterres Jeffman 2024-11-27 11:44:56 -0300
  • c544624774 import RHEL 10 Beta ipa-4.12.2-1.1.el10 imports/c10-beta/ipa-4.12.2-1.1.el10 c10-beta eabdullin 2024-11-20 13:20:07 +0000
  • 19240eadc4 ipa-4.12.2-5 - Resolves: RHEL-67414 ipa dns-zone --allow-query '!198.18.2.0/24;any;' fails with Unrecognized IPAddress flags - Resolves: RHEL-67410 ipa-migrate should also migrate DNS forward zones - Resolves: RHEL-67409 ipa-migrate in stage mode fails with TypeError: 'NoneType' object is not iterable - Resolves: RHEL-66964 Include latest fixes in python3-ipatests packages - Resolves: RHEL-64135 IDP configuration in the IdM WebUI shows Organization is required Florence Blanc-Renaud 2024-11-20 09:49:21 +0100
  • e2ceb15ca1 Backports for 4.9.13-12 release: Rafael Guterres Jeffman 2024-11-13 17:31:55 -0300
  • 255a8322a5 ipa-4.12.2-7 - Resolves: RHEL-66599 vault-add fails in FIPS mode - Resolves: RHEL-66598 ipa-migrate should also migrate DNS forward zones - Resolves: RHEL-66597 ipa-migrate in stage mode fails with TypeError: 'NoneType' object is not iterable - Resolves: RHEL-66595 Sentences truncated in man pages - Resolves: RHEL-66592 IDP configuration in the IdM WebUI shows Organization is required - Resolves: RHEL-65650 ipa-server-install with setup-dns fails 'job for ipa.service failed because the control process exited with error code' imports/c10s/ipa-4.12.2-7.el10 Florence Blanc-Renaud 2024-11-08 11:37:33 +0100
  • ea1a342fa7 ipa-4.12.2-4 - Bump release for rebuild Florence Blanc-Renaud 2024-11-04 08:44:38 +0100
  • b22e86ac9d ipa-4.12.2-6 - Resolves: RHEL-64018 Bump release for October 2024 mass rebuild imports/c10s/ipa-4.12.2-6.el10 Florence Blanc-Renaud 2024-10-31 14:34:45 +0100
  • 26cff073ee ipa-4.12.2-5 - Resolves: RHEL-61636 Uninstall ACME separately during PKI uninstallation imports/c10s/ipa-4.12.2-5.el10 Florence Blanc-Renaud 2024-10-29 15:13:11 +0100
  • 4766b53190 ipa-4.12.2-3 - Resolves: RHEL-61642 Uninstall ACME separately during PKI uninstallation Florence Blanc-Renaud 2024-10-29 15:24:05 +0100
  • c8a18bb46d ipa-4.12.2-2 - Related: RHEL-59788 Rebase Samba to the latest 4.21.x release - Fixes: RHEL-61642 Uninstall ACME separately during PKI uninstallation - Fixes: RHEL-56963 SSSD offline causing test-adtrust-install failure - Fixes: RHEL-56473 Include latest fixes in python3-ipatests packages - Fixes: RHEL-48104 Default hbac rules are duplicated on remote server post ipa-migrate in prod-mode - Fixes: RHEL-45330 [RFE] add a tool to quickly detect and fix issues with IPA ID ranges - Fixes: RHEL-40376 SID generation task is failing when SELinux is in Enforcing mode - Fixes: RHEL-4915 Last expired OTP token would be c Florence Blanc-Renaud 2024-10-21 19:24:16 +0200
  • 80f94e10a4 ipa-4.12.2-4 Bump version Related: RHEL-59777 Rebase Samba to the latest 4.21.x release imports/c10s/ipa-4.12.2-4.el10 Florence Blanc-Renaud 2024-10-21 18:05:17 +0200
  • 66cc1eaeec ipa-4.12.2-4 - Related: RHEL-59777 Rebase Samba to the latest 4.21.x release - Resolves: RHEL-59659 ipa dns-zone --allow-query '!198.18.2.0/24;any;' fails with Unrecognized IPAddress flags - Resolves: RHEL-61636 Uninstall ACME separately during PKI uninstallation - Resolves: RHEL-61723 Include latest fixes in python3-ipatests packages - Resolves: RHEL-63325 Last expired OTP token would be considered as still assigned to the user Florence Blanc-Renaud 2024-10-21 17:39:50 +0200
  • b47051d660 import CS ipa-4.12.2-1.el9 imports/c9-beta/ipa-4.12.2-1.el9 c9-beta eabdullin 2024-09-30 15:42:51 +0000
  • c94e6ae745 ipa-4.12.2-3 Resolves: RHEL-33818 Remove python3-ipalib's dependency on python3-netifaces imports/c10s/ipa-4.12.2-3.el10 Rafael Guterres Jeffman 2024-09-24 10:21:52 -0300
  • 5d90090676 ipa-4.12.2.2 - Resolves: RHEL-47294 SID generation task is failing when SELinux is in Enforcing mode - Resolves: RHEL-56472 Include latest fixes in python3-ipatests packages - Resolves: RHEL-56917 RFE add a tool to quickly detect and fix issues with IPA ID ranges - Resolves: RHEL-56965 Backport test fixes in python3-ipatests - Resolves: RHEL-58067 ipa replication installation fails in FIPS mode on rhel10 - Resolves: RHEL-59265 Default hbac rules are duplicated on remote server post ipa-migrate in prod-mode - Resolves: RHEL-59266 Also enable SSSD's ssh service when enabling sss_ssh_knownhosts imports/c10s/ipa-4.12.2-2.el10 Florence Blanc-Renaud 2024-09-18 11:23:26 +0200
  • 9b3c30c71b ipa-4.12.2-1 Florence Blanc-Renaud 2024-08-22 07:53:57 +0200
  • 0378d5e4e5 ipa-4.12.2.1 - Resolves: RHEL-54545 Covscan issues: Resource Leak - Resolves: RHEL-54304 support for python cryptography 43.0.0 - Resolves: RHEL-49805 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w - Resolves: RHEL-46897 With unreachable AD, ipa trust returns an internal error imports/c10s/ipa-4.12.2-1.el10 Florence Blanc-Renaud 2024-08-21 21:06:29 +0200
  • fe4c609c71 Import from CS git imports/c8-stream-client/ipa-4.9.13-12.module_el8_10+982+5382ace7 eabdullin 2024-08-14 14:29:10 +0300
  • c4b216be73 Import from CS git imports/c8-stream-DL1/ipa-4.9.13-12.module_el8_10+982+5382ace7 eabdullin 2024-08-14 14:26:42 +0300
  • 6c0b4f87d0 Import from CS git imports/c8/ipa-4.9.13-12.el8_10 eabdullin 2024-08-14 08:32:19 +0000
  • 86420dd2f3 ipa-4.12.1-4 - Resolves: RHEL-53501 adtrustinstance only prints issues in check_inst() and does not log them - Resolves: RHEL-52305 Unconditionally add MS-PAC to global config - Resolves: RHEL-52223 ipa-replica/server-install with softhsm needs to check permission/ownership of /var/lib/softhsm/tokens to avoid install failure - Resolves: RHEL-51937 Include latest fixes in python3-ipatests packages - Resolves: RHEL-50805 ipa-migrate -Z with invalid cert options fails with 'ValueError: option error' - Resolves: RHEL-49805 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w - Resolves: RHEL-49592 'Unable to log in as uid=admin-replica.testrealm.test,ou=people,o=ipaca' during replica install - Resolves: RHEL-4879 RFE - Keep the configured value for the "nsslapd-ignore-time-skew" after a "force-sync" imports/c10s/ipa-4.12.1-4.el10 Florence Blanc-Renaud 2024-08-08 15:57:12 +0200
  • 3979c73861 ipa-4.12.0-7 - Resolves: RHEL-53500 adtrustinstance only prints issues in check_inst() and does not log them - Resolves: RHEL-52306 Unconditionally add MS-PAC to global config - Resolves: RHEL-52300 RFE - Keep the configured value for the "nsslapd-ignore-time-skew" after a "force-sync" - Resolves: RHEL-52222 ipa-replica/server-install with softhsm needs to check permission/ownership of /var/lib/softhsm/tokens to avoid install failure - Resolves: RHEL-51944 Include latest fixes in python3-ipatests packages - Resolves: RHEL-50804 ipa-migrate -Z with invalid cert options fails with 'ValueError: option error' - Resolves: RHEL-49602 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w - Resolves: RHEL-27856 'Unable to log in as uid=admin-replica.testrealm.test,ou=people,o=ipaca' during replica install Florence Blanc-Renaud 2024-08-08 16:12:28 +0200
  • 8b6d847e67 ipa-4.12.0-6 - Resolves: RHEL-47292 Include latest fixes in python3-ipatests packages - Resolves: RHEL-47146 Syntax error uninstalling the selinux-luna subpackage - Resolves: RHEL-46009 ipa-migrate with -Z option fails with ValueError: option error - Resolves: RHEL-46003 ipa-migrate -V options fails to display version - Resolves: RHEL-45463 ipa-migrate stage-mode is failing with error: Modifying a mapped attribute in a managed entry is not allowed - Resolves: RHEL-40890 ipa-server-install: token_password_file read in kra.install_check after calling hsm_validator in ca.install_check - Resolves: RHEL-40661 Adjust "ipa config-mod --addattr ipaconfigstring=EnforceLDAPOTP" to allow for non OTP users in some cases Florence Blanc-Renaud 2024-07-18 14:24:55 +0200
  • 6c2a5fa538 ipa-4.12.1-3 - Resolves: RHEL-49452 Include latest fixes in python3-ipatests packages - Resolves: RHEL-49433 Adjust "ipa config-mod --addattr ipaconfigstring=EnforceLDAPOTP" to allow for non OTP users in some cases - Resolves: RHEL-49432 ipa-migrate stage-mode is failing with error: Modifying a mapped attribute in a managed entry is not allowed - Resolves: RHEL-49413 ipa-migrate with -Z option fails with ValueError: option error - Resolves: RHEL-47157 ipa-migrate -V options fails to display version - Resolves: RHEL-47148 Pagure #9629: Syntax error uninstalling the selinux-luna subpackage - Resolves: RHEL-40892 ipa-server-install: token_password_file read in kra.install_check after calling hsm_validator in ca.install_check imports/c10s/ipa-4.12.1-3.el10 Florence Blanc-Renaud 2024-07-18 13:25:00 +0200
  • 880d21b828 Backports for 4.9.13-9 release: Rafael Guterres Jeffman 2024-07-17 12:33:21 -0300
  • fcc298685a ipa-4.12.1-2 - Resolves: RHEL-46607 kdc.crt certificate not getting automatically renewed by certmonger in IPA Hidden replica - Resolves: RHEL-46606 ipa-client rpm post script creates always ssh_config.orig even if nothing needs to be changed - Resolves: RHEL-46605 IPA Web UI not showing replication agreement for non-admin users - Resolves: RHEL-46592 [RFE] Allow IPA SIDgen task to continue if it finds an entity that SID can't be assigned to - Resolves: RHEL-46556 Include latest fixes in python3-ipatests packages - Resolves: RHEL-42705 PSKC.xml issues with ipa_otptoken_import.py Florence Blanc-Renaud 2024-07-08 19:27:27 +0200
  • d0ca280108 ipa-4.12.0-5 - Resolves: RHEL-37285 IPA Web UI not showing replication agreement for non-admin users - Resolves: RHEL-42703 PSKC.xml issues with ipa_otptoken_import.py - Resolves: RHEL-41194 ipa-client rpm post script creates always ssh_config.orig even if nothing needs to be changed - Resolves: RHEL-39477 kdc.crt certificate not getting automatically renewed by certmonger in IPA Hidden replica - Resolves: RHEL-46559 Include latest fixes in python3-ipatests packages - Resolves: RHEL-22188 [RFE] Allow IPA SIDgen task to continue if it finds an entity that SID can't be assigned to Florence Blanc-Renaud 2024-07-08 18:35:11 +0200
  • 605fed4ed0 Bump release for June 2024 mass rebuild Troy Dawson 2024-06-24 08:51:28 -0700
  • b1684f15a7 Include gating.yaml for c10s Sudhir Menon 2024-06-13 18:35:13 +0530
  • 38e4126e68 ipa-4.12.1-1 Julien Rische 2024-06-12 14:14:20 +0200
  • a74c5fe996 ipa release 4.9.13-11 Julien Rische 2024-06-12 15:32:55 +0200
  • 3dbea7e839 - kdb: fix vulnerability in GCD rules handling - kdb: apply combinatorial logic for ticket flags changed/a9/ipa-4.11.0-15.el9_4.alma.1 eabdullin 2024-06-11 13:02:00 +0300
  • fc20c59e4a Merge branch 'c9' into a9 eabdullin 2024-06-11 12:51:01 +0300
  • aec2a644bb Import from CS git imports/c8-stream-DL1/ipa-4.9.13-10.module_el8_10+982+5382ace7 eabdullin 2024-06-11 12:20:42 +0300
  • 29fb2ea8fd ipa-4.12.0-4 Julien Rische 2024-06-10 18:18:17 +0200
  • 3e4c75a7b3 ipa-4.12.0-3 - Related: RHEL-34809 temporarily revert a commit that depends on newer version of python-jwcrypto Florence Blanc-Renaud 2024-06-05 15:07:32 +0200
  • 881a120bf5 rpminspect: add automatic waiver for runpath check Florence Blanc-Renaud 2024-06-05 12:35:25 +0200
  • 90dae868c3 ipa-4.12.0-1 - Resolves: RHEL-39144 Rebase ipa to the latest 4.12 version for RHEL 10 - Resolves: RHEL-30537 ipa: freeipa: argument injection into the username field of the /ipa/session/login_password requests Florence Blanc-Renaud 2024-06-04 19:55:30 +0200
  • 86ca9218d9 ipa-4.12.0-2 - Resolves: RHEL-39950 ipa-client can't be installed because of a missing dependency Florence Blanc-Renaud 2024-06-04 16:01:25 +0200
  • b4517960e4 ipa-4.12.0-1 - Resolves: RHEL-39140 Rebase ipa to the latest 4.12 version for RHEL 9.5 - Resolves: RHEL-34757 The change for preventing deletion of the admin user caused a regression in disable - Resolves: RHEL-30553 Depend on nfsv4-client-utils or nfs-utils - Resolves: RHEL-29762 IPA sidgen fails to create SID for manually set ID for a new range [rhel-9.5.0] - Resolves: RHEL-26261 Fix replica connection check for use with AD administrator - Resolves: RHEL-18062 ipa ca-show NAME --certificate-out=file creates empty file when NAME does not exist - Resolves: RHEL-12149 traceback in ipaserver/dcerpc.py - Resolves: RHEL-4810 [RFE] FreeIPA-to-FreeIPA migration - Resolves: RHEL-4807 [RFE] Support in IPA for HSM boxes Florence Blanc-Renaud 2024-05-29 19:24:35 +0200
  • 259c756227 Import from CS git imports/c8-stream-client/ipa-4.9.13-9.module_el8_10+982+5382ace7 eabdullin 2024-05-23 09:57:45 +0300
  • 450a4db45f Import from CS git imports/c8-stream-DL1/ipa-4.9.13-9.module_el8_10+982+5382ace7 eabdullin 2024-05-23 09:56:32 +0300
  • 42c4963dff import CS ipa-4.9.13-8.module_el8+981+726db82c imports/c8-stream-DL1/ipa-4.9.13-8.module_el8_10+981+726db82c eabdullin 2024-05-22 10:50:28 +0000
  • a5ab2f8a7b import CS ipa-4.9.13-8.module_el8+982+5382ace7 imports/c8-stream-client/ipa-4.9.13-8.module_el8_10+982+5382ace7 eabdullin 2024-05-22 10:49:49 +0000
  • 9d9b3fd758 import CS ipa-4.11.0-10.el9_4 imports/c9/ipa-4.11.0-10.el9_4 eabdullin 2024-04-30 19:46:59 +0000
  • 1c57bc6872 ipa release 4.9.13-10 Julien Rische 2024-04-30 15:24:22 +0200
  • e331636150 import CS ipa-4.11.0-9.el9_3 imports/c9/ipa-4.11.0-9.el9_4 eabdullin 2024-04-30 11:37:26 +0000
  • c5c70da9d0 ipa-4.11.0-11 - Related: RHEL-33645 - Update samba to version 4.20.0 Florence Blanc-Renaud 2024-04-30 08:18:10 +0200
  • 7b21739b0c ipa release 4.9.13-9 Rafael Guterres Jeffman 2024-04-12 12:30:06 -0300
  • a3e6f860a5 - adtrustinstance: make sure NetBIOS name defaults are set properly - ipatests: wait for replica update in test_dns_locations - ipa-kdb: Disable Bronze-Bit check if PAC not available - ipapython: Clean up krb5_error - ipapython: Correct return type of krb5_free_cred_contents - ipa-kdb: Fix memory leak during PAC verification - sidgen: ignore staged users when generating SIDs - kdb: PAC generator: do not fail if canonical principal is missing - Fix some mistakes in ipadb_check_for_bronze_bit_attack() - ipa-kdb: Rework ipadb_reinit_mspac() - ipatests: fix tasks.wait_for_replication method - ipa-kdb: Fix double free in ipadb_reinit_mspac() changed/a8-stream-DL1/ipa-4.9.12-14.module+el8.9+672+ba1cd518.alma.1 a8-stream-DL1 eabdullin 2024-04-10 10:00:12 +0300
  • 7507e52258 ipa-4.11.0-10 - Resolves: RHEL-23377 Enforce OTP for ldap bind (in some scenarios) - Resolves: RHEL-29745 Unable to re-add broken AD trust - NT_STATUS_INVALID_PARAMETER - Resolves: RHEL-30905 Backport latest test fixes in ipa Florence Blanc-Renaud 2024-03-29 14:53:47 +0100
  • 3b074cd569 import CS ipa-4.9.13-1.module_el8+756+61305731 imports/c8-beta-stream-client/ipa-4.9.13-1.module_el8+756+61305731 c8-beta-stream-client eabdullin 2024-03-28 13:46:46 +0000
  • c2552a1e7a import CS ipa-4.9.13-7.module_el8+969+0b4cdf18 imports/c8-beta-stream-DL1/ipa-4.9.13-7.module_el8+969+0b4cdf18 c8-beta-stream-DL1 eabdullin 2024-03-28 13:46:21 +0000
  • aede71600d import CS ipa-4.11.0-8.el9 imports/c9-beta/ipa-4.11.0-8.el9 eabdullin 2024-03-28 10:37:46 +0000
  • 74c854d38c - ipatests: restart ipa services after moving date - ipatests: ignore nsslapd-accesslog-logbuffering WARN in healthcheck - ipatests: Skip ds_encryption tests on RHEL9 SUT. - adtrustinstance: make sure NetBIOS name defaults are set properly - ipatests: wait for replica update in test_dns_locations - ipapython: Clean up krb5_error - ipapython: Correct return type of krb5_free_cred_contents - ipapython: Propagate KRB5Error exceptions on iterating ccache - ipa-kdb: Fix memory leak during PAC verification - sidgen: ignore staged users when generating SIDs - sidgen: fix missing prototypes - kdb: PAC generator: do not fail if canonical principal is missing - ipatests: fix tasks.wait_for_replication method - ipa-kdb: Rework ipadb_reinit_mspac() - ipa-kdb: Fix double free in ipadb_reinit_mspac() changed/a9/ipa-4.10.2-8.el9_3.alma.1 Eduard Abdullin 2024-03-15 13:25:31 +0300
  • 51eeb76a79 ipa release 4.9.13-8 Rafael Guterres Jeffman 2024-03-07 14:18:08 -0300
  • 0c468af06a ipa-4.11.0-9 - Resolves: RHEL-28258 vault fails on non-fips client if server is in FIPS mode - Resolves: RHEL-26154 ipa: freeipa: specially crafted HTTP requests potentially lead to DoS or data exposure Florence Blanc-Renaud 2024-03-07 16:08:13 +0100
  • 123abb92ab Bump release to rebuild on correct samba Troy Dawson 2024-02-22 10:58:02 -0800
  • a727d75b87 ipa-4.11.0-8 - Resolves: RHEL-12143 'ipa vault-add is failing with ipa: ERROR: an internal error has occurred in FIPS mode - Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available Florence Blanc-Renaud 2024-02-20 18:59:25 +0100
  • cab5f5f833 ipa release 4.9.13-7 Julien Rische 2024-02-20 18:40:16 +0100
  • 535e08e118 ipa release 4.9.13-6 Rafael Guterres Jeffman 2024-02-16 11:38:14 -0300
  • 7389b56a67 ipa-4.11.0-7 - Resolves: RHEL-25260 tier-1-upstream-dns-locations failed on RHEL8.8 gating - Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available - Resolves: RHEL-25815 Backport latest test fixes in python3-ipatests Florence Blanc-Renaud 2024-02-16 11:36:47 +0100
  • 8d7c3802f3 ipa release 4.9.13-6 Julien Rische 2024-02-15 10:45:53 +0100
  • f285979474 ipa-kdb: Fix compilation issues. Rafael Guterres Jeffman 2024-02-13 10:37:30 -0300
  • 4ced5cbefb IPA build for ITM 24 Rafael Guterres Jeffman 2024-02-12 20:27:29 -0300
  • 13b7686650 ipa-4.11.0-6 - Resolves: RHEL-23627 IPA stops working if HTTP/... service principal was created before FreeIPA 4.4.0 and never modified - Resolves: RHEL-23625 sidgen plugin does not ignore staged users - Resolves: RHEL-23621 session cookie can't be read - Resolves: RHEL-22372 Gating-DL1 test failure in test_integration/test_dns_locations.py::TestDNSLocations::()::test_ipa_ca_records - Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix - Resolves: RHEL-17996 Memory leak in IdM's KDC Florence Blanc-Renaud 2024-02-09 12:03:31 +0100
  • d41e5ca07b Support 389-ds with lmdb backend Alexander Bokovoy 2024-02-08 18:21:32 +0200
  • f407801376 Detect samba private libraries Alexander Bokovoy 2024-01-30 20:00:47 +0200
  • 7365e8a23f More backports Alexander Bokovoy 2024-01-30 18:09:49 +0200
  • f19c883a04 Rebuild against Samba 4.20rc1 Alexander Bokovoy 2024-01-30 17:40:16 +0200
  • dc24d637fb Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Fedora Release Engineering 2024-01-24 12:01:16 +0000
  • 3b5629ec63 ipa release 4.9.13-4 Rafael Guterres Jeffman 2024-01-23 18:39:46 -0300
  • 9d0ac5b4ee Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Fedora Release Engineering 2024-01-19 19:46:15 +0000
  • e57a97aa67 ipa-4.11.0-5 - Resolves: RHEL-12589 ipa: Invalid CSRF protection - Resolves: RHEL-19748 ipa hbac-test did not report that it hit an arbitrary search limit - Resolves: RHEL-21059 'DogtagCertsConfigCheck' fails, displaying the error message 'Malformed directive: ca.signing.certnickname=caSigningCert cert-pki-ca' - Resolves: RHEL-21804 ipa client 4.10.2 - Failed to obtain host TGT - Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix - Resolves: RHEL-21810 ipa-client-install --automount-location does not work - Resolves: RHEL-21811 Handle change in behavior of pki-server ca-config-show in pki 11.5.0 - Resolves: RHEL-21812 Backport latest test fixes in ipa - Resolves: RHEL-21813 krb5kdc fails to start when pkinit and otp auth type is enabled in ipa - Resolves: RHEL-21815 IPA 389ds plugins need to have better logging and tracing - Resolves: RHEL-21937 Make sure a default NetBIOS name is set if not passed in by ADTrust instance constructor Florence Blanc-Renaud 2024-01-18 16:57:59 +0100
  • e82ab6efc0 - CVE-2023-5455 - ipa-kdb: Detect and block Bronze-Bit attacks changed/a8-stream-DL1/ipa-4.9.12-11.module+el8.9+672+ba1cd518.alma.1 eabdullin 2024-01-15 15:06:33 +0300