import pki-core-11.2.1-1.el9

2022-11-15 01:34:04 -05:00 · 2022-11-15 01:34:04 -05:00 · 107268baba
parent 8284884ab8
commit 107268baba
3 changed files with 95 additions and 198 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/pki-11.0.6.tar.gz
+SOURCES/pki-11.2.1.tar.gz
--- a/.pki-core.metadata
+++ b/.pki-core.metadata
@ -1 +1 @@
-e55d4ac4a14d3a2dc17546b47543cdd6fcef9b36 SOURCES/pki-11.0.6.tar.gz
+b38832fe7b4778f70a8622d203e754ff931c85c5 SOURCES/pki-11.2.1.tar.gz
--- a/SPECS/pki-core.spec
+++ b/SPECS/pki-core.spec
@ -2,22 +2,35 @@
 Name:             pki-core
 ################################################################################
-%global           product_name PKI
+%global           product_name IDM PKI
-%global           product_id pki
+%global           product_id idm-pki
 %undefine         theme
-# NOTE: Do not specify the theme for pki-core
+# Upstream version number:
-# global           theme dogtag
+%global           major_version 11
 %global           minor_version 2
 %global           update_version 1
-Summary:          %{product_name} Core Package
+# Downstream release number:
 # - development/stabilization (unsupported): 0.<n> where n >= 1
 # - GA/update (supported): <n> where n >= 1
 %global           release_number 1
 # Development phase:
 # - development (unsupported): alpha<n> where n >= 1
 # - stabilization (unsupported): beta<n> where n >= 1
 # - GA/update (supported): <none>
 %undefine         phase
 %undefine         timestamp
 %undefine         commit_id
 Summary:          %{product_name} Package
 URL:              https://www.dogtagpki.org
 # The entire source code is GPLv2 except for 'pki-tps' which is LGPLv2
 License:          GPLv2 and LGPLv2
-
+Version:          %{major_version}.%{minor_version}.%{update_version}
-# For development (i.e. unsupported) releases, use x.y.z-0.n.<phase>.
+Release:          %{release_number}%{?phase:.}%{?phase}%{?timestamp:.}%{?timestamp}%{?commit_id:.}%{?commit_id}%{?dist}
 # For official (i.e. supported) releases, use x.y.z-r where r >=1.
 Version:          11.0.6
 Release:          2%{?_timestamp}%{?_commit_id}%{?dist}
 #global           _phase -alpha1
 # To create a tarball from a version tag:
 # $ git archive \
@ -25,7 +38,7 @@ Release:          2%{?_timestamp}%{?_commit_id}%{?dist}
 #     --prefix pki-<version>/ \
 #     -o pki-<version>.tar.gz \
 #     <version tag>
-Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?_phase}/pki-%{version}%{?_phase}.tar.gz
+Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?phase:-}%{?phase}/pki-%{version}%{?phase:-}%{?phase}.tar.gz
 # To create a patch for all changes since a version tag:
 # $ git format-patch \
@ -34,13 +47,8 @@ Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?_phase}/pki-%{ver
 #     > pki-VERSION-RELEASE.patch
 # Patch: pki-VERSION-RELEASE.patch
-# md2man isn't available on i686. Additionally, we aren't generally multi-lib
+# Java 17 and md2man are not available on i686
 # compatible (https://fedoraproject.org/wiki/Packaging:Java)
 # so dropping i686 everywhere but RHEL-8 (which we've already shipped) seems
 # safest.
 %if ! 0%{?rhel} || 0%{?rhel} > 8
 ExcludeArch: i686
 %endif
 ################################################################################
 # NSS
@ -52,32 +60,15 @@ ExcludeArch: i686
 # Python
 ################################################################################
 %if 0%{?rhel} && 0%{?rhel} <= 8
 %global python_executable /usr/libexec/platform-python
 %else
 %global python_executable /usr/bin/python3
 %endif
 ################################################################################
 # Java
 ################################################################################
 %if 0%{?fedora} && 0%{?fedora} >= 36
 %define java_devel java-17-openjdk-devel
 %define java_headless java-17-openjdk-headless
 %define java_home %{_jvmdir}/jre-17-openjdk
 %else
 %define java_devel java-11-openjdk-devel
 %define java_headless java-11-openjdk-headless
 %define java_home %{_jvmdir}/jre-11-openjdk
 %endif
 ################################################################################
 # RESTEasy
 ################################################################################
 %define jaxrs_api_jar /usr/share/java/jboss-jaxrs-2.0-api.jar
 %define resteasy_lib /usr/share/java/resteasy
 ################################################################################
 # PKI
@ -191,12 +182,9 @@ BuildRequires:    policycoreutils
 BuildRequires:    python3-lxml
 BuildRequires:    python3-sphinx
 BuildRequires:    xalan-j2
 BuildRequires:    xerces-j2
 BuildRequires:    resteasy >= 3.0.26
-BuildRequires:    python3 >= 3.5
+BuildRequires:    python3 >= 3.9
 BuildRequires:    python3-devel
 BuildRequires:    python3-setuptools
 BuildRequires:    python3-cryptography
@ -208,16 +196,16 @@ BuildRequires:    python3-six
 BuildRequires:    junit
 BuildRequires:    jpackage-utils >= 0:1.7.5-10
-BuildRequires:    jss >= 5.0.0
+BuildRequires:    jss >= 5.2.0
-BuildRequires:    tomcatjss >= 8.0.0
+BuildRequires:    tomcatjss >= 8.2.0
-BuildRequires:    ldapjdk >= 5.0.0
+BuildRequires:    ldapjdk >= 5.2.0
 BuildRequires:    systemd-units
 %if 0%{?rhel} && ! 0%{?eln}
-BuildRequires:    pki-servlet-engine
+BuildRequires:    pki-servlet-engine >= 9.0.31
 %else
-BuildRequires:    tomcat >= 1:9.0.7
+BuildRequires:    tomcat >= 1:9.0.31
 %endif
 # additional build requirements needed to build native 'tpsclient'
@ -232,11 +220,7 @@ BuildRequires:    zlib
 BuildRequires:    zlib-devel
 # build dependency to build man pages
 %if 0%{?fedora} && 0%{?fedora} <= 30 || 0%{?rhel} && 0%{?rhel} <= 8
 BuildRequires:    go-md2man
 %else
 BuildRequires:    golang-github-cpuguy83-md2man
 %endif
 # pki-healthcheck depends on the following library
 %if 0%{?rhel}
@ -276,13 +260,15 @@ to manage enterprise Public Key Infrastructure deployments.
 Summary:          %{product_name} Package
 %endif
 Obsoletes:        pki-symkey < %{version}
 Obsoletes:        %{product_id}-pki-symkey < %{version}
 Obsoletes:        pki-console < %{version}
 Obsoletes:        pki-console-theme < %{version}
 Obsoletes:        idm-console-framework < 2.0
 # Make certain that this 'meta' package requires the latest version(s)
 # of ALL PKI theme packages
-Requires:         %{product_id}-server-theme = %{version}-%{release}
+Requires:         %{product_id}-theme = %{version}-%{release}
 # Make certain that this 'meta' package requires the latest version(s)
 # of ALL PKI core packages
@ -324,28 +310,6 @@ to manage enterprise Public Key Infrastructure deployments.
 %endif
 %if %{with base}
 ################################################################################
 %package -n       %{product_id}-symkey
 ################################################################################
 Summary:          %{product_name} Symmetric Key Package
 Obsoletes:        pki-symkey < %{version}-%{release}
 Provides:         pki-symkey = %{version}-%{release}
 Requires:         %{java_headless}
 Requires:         jpackage-utils >= 0:1.7.5-10
 Requires:         jss >= 5.0.0
 Requires:         nss >= 3.38.0
 # Ensure we end up with a useful installation
 Conflicts:        pki-symkey < %{version}
 Conflicts:        pki-javadoc < %{version}
 Conflicts:        pki-server-theme < %{version}
 %description -n   %{product_id}-symkey
 This package provides library for symmetric key operations.
 ################################################################################
 %package -n       %{product_id}-base
 ################################################################################
@ -362,9 +326,9 @@ Requires:         python3-pki = %{version}-%{release}
 Requires(post):   python3-pki = %{version}-%{release}
 # Ensure we end up with a useful installation
 Conflicts:        pki-symkey < %{version}
 Conflicts:        pki-javadoc < %{version}
 Conflicts:        pki-server-theme < %{version}
 Conflicts:        %{product_id}-theme < %{version}
 %description -n   %{product_id}-base
 This package provides default configuration files for %{product_name} client.
@ -382,12 +346,10 @@ Provides:         python3-pki = %{version}-%{release}
 Obsoletes:        pki-base-python3 < %{version}-%{release}
 Provides:         pki-base-python3 = %{version}-%{release}
 %if 0%{?fedora} || 0%{?rhel} > 8
 %{?python_provide:%python_provide python3-pki}
 %endif
 Requires:         %{product_id}-base = %{version}-%{release}
-Requires:         python3 >= 3.5
+Requires:         python3 >= 3.9
 Requires:         python3-cryptography
 Requires:         python3-ldap
 Requires:         python3-lxml
@ -398,7 +360,7 @@ Requires:         python3-six
 This package provides common and client library for Python 3.
 ################################################################################
-%package -n       %{product_id}-base-java
+%package -n       %{product_id}-java
 ################################################################################
 Summary:          %{product_name} Base Java Package
@ -407,6 +369,9 @@ BuildArch:        noarch
 Obsoletes:        pki-base-java < %{version}-%{release}
 Provides:         pki-base-java = %{version}-%{release}
 Obsoletes:        %{product_id}-base-java < %{version}-%{release}
 Provides:         %{product_id}-base-java = %{version}-%{release}
 Requires:         %{java_headless}
 Requires:         apache-commons-cli
 Requires:         apache-commons-codec
@ -417,23 +382,14 @@ Requires:         apache-commons-net
 Requires:         slf4j
 Requires:         slf4j-jdk14
 Requires:         jpackage-utils >= 0:1.7.5-10
-Requires:         jss >= 5.0.0
+Requires:         jss >= 5.2.0
-Requires:         ldapjdk >= 5.0.0
+Requires:         ldapjdk >= 5.2.0
 Requires:         %{product_id}-base = %{version}-%{release}
 %if 0%{?rhel} && 0%{?rhel} <= 8
 Requires:         resteasy >= 3.0.26
 %else
 Requires:         resteasy-client >= 3.0.17-1
 Requires:         resteasy-core >= 3.0.17-1
 Requires:         resteasy-jackson2-provider >= 3.0.17-1
 %endif
-Requires:         xalan-j2
+%description -n   %{product_id}-java
 Requires:         xerces-j2
 Requires:         xml-commons-resolver
 %description -n   %{product_id}-base-java
 This package provides common and client libraries for Java.
 ################################################################################
@ -447,7 +403,7 @@ Provides:         pki-tools = %{version}-%{release}
 Requires:         openldap-clients
 Requires:         nss-tools >= 3.36.1
-Requires:         %{product_id}-base-java = %{version}-%{release}
+Requires:         %{product_id}-java = %{version}-%{release}
 Requires:         p11-kit-trust
 # PKICertImport depends on certutil and openssl
@ -458,6 +414,9 @@ Requires:         openssl
 This package provides tools that can be used to help make
 %{product_name} into a more complete and robust PKI solution.
 The utility "tpsclient" is a test tool that interacts with TPS.
 This tool is useful to test TPS server without risking an actual smart card.
 # with base
 %endif
@ -478,7 +437,6 @@ Requires:         policycoreutils
 Requires:         procps-ng
 Requires:         openldap-clients
 Requires:         openssl
 Requires:         %{product_id}-symkey = %{version}-%{release}
 Requires:         %{product_id}-tools = %{version}-%{release}
 Requires:         keyutils
@ -492,16 +450,16 @@ Requires:         python3-policycoreutils
 Requires:         selinux-policy-targeted >= 3.13.1-159
 %if 0%{?rhel} && ! 0%{?eln}
-Requires:         pki-servlet-engine
+Requires:         pki-servlet-engine >= 9.0.31
 %else
-Requires:         tomcat >= 1:9.0.7
+Requires:         tomcat >= 1:9.0.31
 %endif
 Requires:         systemd
 Requires(post):   systemd-units
 Requires(postun): systemd-units
 Requires(pre):    shadow-utils
-Requires:         tomcatjss >= 8.0.0
+Requires:         tomcatjss >= 8.2.0
 # pki-healthcheck depends on the following library
 %if 0%{?rhel}
@ -690,6 +648,7 @@ behind the firewall with restricted access.
 ################################################################################
 Summary:          %{product_name} TPS Package
 BuildArch:        noarch
 Obsoletes:        pki-tps < %{version}-%{release}
 Provides:         pki-tps = %{version}-%{release}
@ -720,10 +679,6 @@ Token Key Service (TKS)) to fulfill the user's requests.
 TPS also interacts with the token database, an LDAP server that stores
 information about individual tokens.
 The utility "tpsclient" is a test tool that interacts with TPS.  This
 tool is useful to test TPS server configs without risking an actual
 smart card.
 # with tps
 %endif
@ -740,8 +695,8 @@ Provides:         pki-javadoc = %{version}-%{release}
 # Ensure we end up with a useful installation
 Conflicts:        pki-base < %{version}
 Conflicts:        pki-symkey < %{version}
 Conflicts:        pki-server-theme < %{version}
 Conflicts:        %{product_id}-theme < %{version}
 %description -n   %{product_id}-javadoc
 This package provides %{product_name} API documentation.
@ -763,7 +718,7 @@ Obsoletes:        pki-console < %{version}-%{release}
 Provides:         pki-console = %{version}-%{release}
 Requires:         idm-console-framework >= 2.0
-Requires:         %{product_id}-base-java = %{version}-%{release}
+Requires:         %{product_id}-java = %{version}-%{release}
 Requires:         %{product_id}-console-theme = %{version}-%{release}
 %description -n   %{product_id}-console
@ -774,7 +729,7 @@ Requires:         %{product_id}-console-theme = %{version}-%{release}
 %if %{with theme}
 ################################################################################
-%package -n       %{product_id}-server-theme
+%package -n       %{product_id}-theme
 ################################################################################
 Summary:          %{product_name} Server Theme Package
@ -783,13 +738,15 @@ BuildArch:        noarch
 Obsoletes:        pki-server-theme < %{version}-%{release}
 Provides:         pki-server-theme = %{version}-%{release}
 Obsoletes:        %{product_id}-server-theme < %{version}-%{release}
 Provides:         %{product_id}-server-theme = %{version}-%{release}
 # Ensure we end up with a useful installation
 Conflicts:        pki-base < %{version}
 Conflicts:        pki-symkey < %{version}
 Conflicts:        pki-javadoc < %{version}
-%description -n   %{product_id}-server-theme
+%description -n   %{product_id}-theme
-This package provides theme files for %{product_name} Server.
+This package provides theme files for %{product_name}.
 %if %{with console}
 ################################################################################
@ -804,9 +761,9 @@ Provides:         pki-console-theme = %{version}-%{release}
 # Ensure we end up with a useful installation
 Conflicts:        pki-base < %{version}
 Conflicts:        pki-symkey < %{version}
 Conflicts:        pki-server-theme < %{version}
 Conflicts:        pki-javadoc < %{version}
 Conflicts:        %{product_id}-theme < %{version}
 %description -n   %{product_id}-console-theme
 This package provides theme files for %{product_name} Console.
@ -841,46 +798,28 @@ This package provides test suite for %{product_name}.
 %prep
 ################################################################################
-%autosetup -n pki-%{version}%{?_phase} -p 1
+%autosetup -n pki-%{version}%{?phase:-}%{?phase} -p 1
 ################################################################################
 %build
 ################################################################################
 # get Java <major>.<minor> version number
 java_version=`%{java_home}/bin/java -XshowSettings:properties -version 2>&1 | sed -n 's/ *java.version *= *\([0-9]\+\.[0-9]\+\).*/\1/p'`
 # if <major> == 1, get <minor> version number
 # otherwise get <major> version number
 java_version=`echo $java_version | sed -e 's/^1\.//' -e 's/\..*$//'`
 # assume tomcat app_server
 app_server=tomcat-9.0
 %if 0%{?rhel} && 0%{?rhel} <= 8
 %{__mkdir_p} build
 cd build
 %endif
 %cmake \
    --no-warn-unused-cli \
    -DPRODUCT_NAME="%{product_name}" \
    -DVERSION=%{version}-%{release} \
    -DVAR_INSTALL_DIR:PATH=/var \
    -DP11_KIT_TRUST=/etc/alternatives/libnssckbi.so.%{_arch} \
    -DJAVA_VERSION=${java_version} \
    -DJAVA_HOME=%{java_home} \
    -DPKI_JAVA_PATH=%{java_home}/bin/java \
    -DJAVA_LIB_INSTALL_DIR=%{_jnidir} \
    -DSYSTEMD_LIB_INSTALL_DIR=%{_unitdir} \
    -DAPP_SERVER=$app_server \
    -DJAXRS_API_JAR=%{jaxrs_api_jar} \
    -DRESTEASY_LIB=%{resteasy_lib} \
    -DNSS_DEFAULT_DB_TYPE=%{nss_default_db_type} \
    -DBUILD_PKI_CORE:BOOL=ON \
    -DPYTHON_EXECUTABLE=%{python_executable} \
-%if ! %{with server} && ! %{with acme} && ! %{with ca} && ! %{with kra} && ! %{with ocsp} && ! %{with tks} && ! %{with tps}
+    -DWITH_SERVER:BOOL=%{?with_server:ON}%{!?with_server:OFF} \
    -DWITH_SERVER:BOOL=OFF \
 %endif
    -DWITH_CA:BOOL=%{?with_ca:ON}%{!?with_ca:OFF} \
    -DWITH_KRA:BOOL=%{?with_kra:ON}%{!?with_kra:OFF} \
    -DWITH_OCSP:BOOL=%{?with_ocsp:ON}%{!?with_ocsp:OFF} \
@ -888,18 +827,14 @@ cd build
    -DWITH_TPS:BOOL=%{?with_tps:ON}%{!?with_tps:OFF} \
    -DWITH_ACME:BOOL=%{?with_acme:ON}%{!?with_acme:OFF} \
    -DWITH_JAVADOC:BOOL=%{?with_javadoc:ON}%{!?with_javadoc:OFF} \
-    -DWITH_TEST:BOOL=%{?with_test:ON}%{!?with_test:OFF} \
+    -DWITH_CONSOLE:BOOL=%{?with_console:ON}%{!?with_console:OFF} \
-    -DBUILD_PKI_CONSOLE:BOOL=%{?with_console:ON}%{!?with_console:OFF} \
+    -DWITH_TESTS:BOOL=%{?with_tests:ON}%{!?with_tests:OFF} \
    -DWITH_META:BOOL=%{?with_meta:ON}%{!?with_meta:OFF} \
    -DTHEME=%{?with_theme:%{theme}} \
-%if 0%{?rhel} && 0%{?rhel} <= 8
+    -DRUN_TESTS:BOOL=%{?with_test:ON}%{!?with_test:OFF} \
    ..
 %else
    -B %{_vpath_builddir}
 %endif
 %if 0%{?fedora} || 0%{?rhel} > 8
 cd %{_vpath_builddir}
 %endif
 # Do not use _smp_mflags to preserve build order
 %{__make} \
@ -914,11 +849,7 @@ cd %{_vpath_builddir}
 %install
 ################################################################################
 %if 0%{?rhel} && 0%{?rhel} <= 8
 cd build
 %else
 cd %{_vpath_builddir}
 %endif
 %{__make} \
    VERBOSE=%{?_verbose} \
@ -928,43 +859,10 @@ cd %{_vpath_builddir}
    --no-print-directory \
    install
-%if %{with test}
+%if %{with tests}
 ctest --output-on-failure
 %endif
 %if %{with meta}
 %{__mkdir_p} %{buildroot}%{_datadir}/doc/pki
 cat > %{buildroot}%{_datadir}/doc/pki/README << EOF
 This package is a "meta-package" whose dependencies pull in all of the
 packages comprising the %{product_name} Suite.
 EOF
 # with meta
 %endif
 # Customize client library links in /usr/share/pki/lib
 ln -sf /usr/share/java/jboss-logging/jboss-logging.jar %{buildroot}%{_datadir}/pki/lib/jboss-logging.jar
 %if 0%{?fedora} && 0%{?fedora} <= 34
 ln -sf /usr/share/java/jboss-annotations-1.2-api/jboss-annotations-api_1.2_spec.jar %{buildroot}%{_datadir}/pki/lib/jboss-annotations-api_1.2_spec.jar
 %else
 ln -sf /usr/share/java/jakarta-annotations/jakarta.annotation-api.jar %{buildroot}%{_datadir}/pki/lib/jakarta.annotation-api.jar
 %endif
 %if %{with server}
 # Customize server common library links in /usr/share/pki/server/common/lib
 ln -sf %{jaxrs_api_jar} %{buildroot}%{_datadir}/pki/server/common/lib/jboss-jaxrs-2.0-api.jar
 ln -sf /usr/share/java/jboss-logging/jboss-logging.jar %{buildroot}%{_datadir}/pki/server/common/lib/jboss-logging.jar
 %if 0%{?fedora} && 0%{?fedora} <= 34
 ln -sf /usr/share/java/jboss-annotations-1.2-api/jboss-annotations-api_1.2_spec.jar %{buildroot}%{_datadir}/pki/server/common/lib/jboss-annotations-api_1.2_spec.jar
 %else
 ln -sf /usr/share/java/jakarta-annotations/jakarta.annotation-api.jar %{buildroot}%{_datadir}/pki/server/common/lib/jakarta.annotation-api.jar
 %endif
 # with server
 %endif
 %if %{with server}
 %pre -n %{product_id}-server
@ -1035,14 +933,6 @@ fi
 %endif
 %if %{with base}
 ################################################################################
 %files -n %{product_id}-symkey
 ################################################################################
 %license base/symkey/LICENSE
 %{_jnidir}/symkey.jar
 %{_libdir}/symkey/
 ################################################################################
 %files -n %{product_id}-base
 ################################################################################
@ -1070,7 +960,7 @@ fi
 %{_mandir}/man8/pki-upgrade.8.gz
 ################################################################################
-%files -n %{product_id}-base-java
+%files -n %{product_id}-java
 ################################################################################
 %license base/common/LICENSE
@ -1098,14 +988,15 @@ fi
 %license base/tools/LICENSE
 %doc base/tools/doc/README
 %{_bindir}/p7tool
 %{_bindir}/p12tool
 %{_bindir}/p7tool
 %{_bindir}/pistool
 %{_bindir}/pki
 %{_bindir}/revoker
 %{_bindir}/setpin
 %{_bindir}/sslget
 %{_bindir}/tkstool
 %{_bindir}/tpsclient
 %{_bindir}/AtoB
 %{_bindir}/AuditVerify
 %{_bindir}/BtoA
@ -1132,6 +1023,7 @@ fi
 %{_javadir}/pki/pki-tools.jar
 %{_datadir}/pki/tools/
 %{_datadir}/pki/lib/p11-kit-trust.so
 %{_libdir}/tps/libtps.so
 %{_mandir}/man1/AtoB.1.gz
 %{_mandir}/man1/AuditVerify.1.gz
 %{_mandir}/man1/BtoA.1.gz
@ -1162,6 +1054,7 @@ fi
 %{_mandir}/man1/pki-user-membership.1.gz
 %{_mandir}/man1/PKCS10Client.1.gz
 %{_mandir}/man1/PKICertImport.1.gz
 %{_mandir}/man1/tpsclient.1.gz
 # with base
 %endif
@ -1296,14 +1189,6 @@ fi
 %{_datadir}/pki/tps/
 %{_mandir}/man5/pki-tps-connector.5.gz
 %{_mandir}/man5/pki-tps-profile.5.gz
 %{_mandir}/man1/tpsclient.1.gz
 # files for native 'tpsclient'
 # REMINDER:  Remove this comment once 'tpsclient' is rewritten as a Java app
 %{_bindir}/tpsclient
 %{_libdir}/tps/libtps.so
 %{_libdir}/tps/libtokendb.so
 # with tps
 %endif
@ -1332,7 +1217,7 @@ fi
 %if %{with theme}
 ################################################################################
-%files -n %{product_id}-server-theme
+%files -n %{product_id}-theme
 ################################################################################
 %license themes/%{theme}/common-ui/LICENSE
@ -1375,14 +1260,26 @@ fi
 ################################################################################
 %changelog
-* Fri Sep 30 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.6-1
+* Thu Aug 04 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.2.1-1
- Bug #2107335 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE [rhel-9.0.0.z]
+- Rebase to PKI 11.2.1
 - Bug #2107336 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE [rhel-9.1.0]
-* Fri May 06 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.5-1
+* Fri Jul 01 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.2.0-1
- Bug #2070907 - Drop SHA-1 use from authentication challenges [rhel-9.1.0] [rhel-9.0.0.z]
+- Rebase to PKI 11.2.0
 - Bug #2084639 ipa cert-request ssl error
 - Bug #2099312 SKI field is not reflected back in generated CSR
 - Bug #2095197 PKI cert-fix operation failing
-* Tue Mar 29 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.4-1
+* Fri May 06 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.2.0-0.4.beta3
- Bug #2049311 - pki-healthcheck ClonesConnectivyAndDataCheck fails
+- Rebase to PKI 11.2.0-beta3
 - Bug #2062808 Drop SHA-1 use from authentication challenges [rhel-9.1.0]
 * Mon May 02 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.2.0-0.3.beta2
 - Rebase to PKI 11.2.0-beta2
 - Rename packages to idm-pki
 * Mon Apr 18 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.2.0-0.2.beta1
 - Rebase to PKI 11.2.0-beta1
 * Wed Jan 19 2022 Red Hat PKI Team <rhcs-maint@redhat.com> - 11.0.3-1
 - Bug #2033109 Invalid certificates with creation of subCA (pkispawn single step)[rhel-9.0.0]
`@ -1 +1 @@`
	`SOURCES/pki-11.0.6.tar.gz`	`SOURCES/pki-11.2.1.tar.gz`
`@ -1 +1 @@`
	`e55d4ac4a14d3a2dc17546b47543cdd6fcef9b36 SOURCES/pki-11.0.6.tar.gz`	`b38832fe7b4778f70a8622d203e754ff931c85c5 SOURCES/pki-11.2.1.tar.gz`