Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

sssd-ipa-provider-1.5.11-5.2.3 RPM for x86_64

From OpenSuSE 12.1 for x86_64

Name: sssd-ipa-provider Distribution: openSUSE 12.1
Version: 1.5.11 Vendor: openSUSE
Release: 5.2.3 Build date: Sat Oct 29 22:00:05 2011
Group: System/Daemons Build host: build03
Size: 608585 Source RPM: sssd-1.5.11-5.2.3.src.rpm
Summary: FreeIPA provider plugin for sssd
This package provide the FreeIPA provider plugin for the System Security
Services Daemon (sssd).




GPLv3+ and LGPLv3+


* Wed Oct 19 2011
  - Fixed systemd related packaging issues (bnc#724157)
  - fixed build on older openSUSE releases
* Mon Sep 19 2011
  - Resolve "have choice for libnl-devel:
    libnl-1_1-devel libnl3-devel"
* Tue Aug 02 2011
  - Fixed typos in configure args
  - Cherry-picked password policy fixes from 1.5 branch (bnc#705768)
  - switched to fd-leak fix cherry-picked from 1.5 branch
  - Add /usr/sbin to the search path to make configure find nscd
* Fri Jul 29 2011
  - Add patches to fix an fd leak in sssd_pam
* Thu Jul 28 2011
  - Update to new upstream release 1.5.11
    * Support for overriding home directory, shell and primary GID
    * Properly honor TTL values from SRV record lookups
    * Support non-POSIX groups in nested group chains (for RFC2307bis
    LDAP servers)
    * Properly escape IPv6 addresses in the failover code
    * Do not crash if inotify fails (e.g. resource exhaustion)
  - Remove redundant %clean section; delete .la files more
* Tue Jun 07 2011
  - Update to 1.5.8:
    * Support for the LDAP paging control
    * Support for multiple DNS servers for name resolution
    * Fixes for several group membership bugs
    * Fixes for rare crash bugs
* Wed May 04 2011
  - Update to 1.5.7
    * A flaw was found in the handling of cached passwords when
      kerberos renewal tickets is enabled.  Due to a bug, the cached
      password was overwritten with a (moderately) predictable
      filename, which could allow a user to authenticate as someone
      else if they knew the name of the cache file (bnc#691135,
  - Changes in 1.5.6:
    * Fixed a serious memory leak in the memberOf plugin
    * Fixed a regression with the negative cache that caused it to be
      essentially nonfunctional
    * Fixed an issue where the user's full name would sometimes be
      removed from the cache
    * Fixed an issue with password changes in the kerberos provider
      not working with kpasswd
* Thu Apr 14 2011
  - Update to 1.5.5
    * Fixes for several crash bugs
    * LDAP group lookups will no longer abort if there is a
    zero-length member attribute
    * Add automatic fallback to 'cn' if the 'gecos' attribute does not
* Wed Mar 30 2011
  - Should build in SLE-11-SP1 now
* Tue Mar 29 2011
  - Updated to 1.5.4
    * Fixes for Active Directory when not all users and groups have
      POSIX attributes
    * Fixes for handling users and groups that have name aliases
      (aliases are ignored)
    * Fix group memberships after initgroups in the IPA provider
* Thu Mar 24 2011
  - Updated to 1.5.3
    * Support for libldb >= 1.0.0
    * Proper detection of manpage translations
    * Changes between 1.5.1 and 1.5.2
    * Fixes for support of FreeIPA v2
    * Fixes for failover if DNS entries change
    * Improved sss_obfuscate tool with better interactive mode
    * Fix several crash bugs
    * Don't attempt to use START_TLS over SSL. Some LDAP servers
      can't handle this
    * Delete users from the local cache if initgroups calls return
      'no such user' (previously only worked for getpwnam/getpwuid)
    * Use new translations
    * Better support for automatic TGT renewal (now survives
    * Netgroup fixes
* Tue Mar 08 2011
  - Updated to 1.5.1
    * Vast performance improvements when enumerate = true
    * All PAM actions will now perform a forced initgroups lookup
      instead of just a user information lookup This guarantees that
      all group information is available to other providers, such as
      the simple provider.
    * For backwards-compatibility, DNS lookups will also fall back to
      trying the SSSD domain name as a DNS discovery domain.
    * Support for more password expiration policies in LDAP
    - 389 Directory Server
    - FreeIPA
    - ActiveDirectory
    * Support for ldap_tls_{cert,key,cipher_suite} config options
    * Assorted bugfixes
* Wed Jan 19 2011
  - /var/lib/sss/pubconf was missing (bnc#665442)
* Tue Jan 18 2011
  - It was possible to make sssd hang forever inside a loop in the
    PAM responder by sending a carefully crafted packet to sssd.
    This could be exploited by a local attacker to crash sssd and
    prevent other legitimate users from logging into the system.
    (bnc#660481, CVE-2010-4341)
* Sun Dec 19 2010
  - Own /etc/systemd directories to fix build.
* Thu Nov 25 2010
  - install systemd service file
* Tue Nov 16 2010
  - Updated to 1.4.1
    * Add support for netgroups to the LDAP and proxy providers
    * Fixes a minor bug with UIDs/GIDs >= 2^31
    * Fixes a segfault in the kerberos provider
    * Fixes a segfault in the NSS responder if a data provider crashes
    * Correctly use sdap_netgroup_search_base
    * the utility libraries libpath_utils1, libpath_utils-devel,
      libref_array1 and libref_array-devel moved to their own
      separate upstream project (ding-libs)
    * Performance improvements made to group processing of RFC2307
      LDAP servers
    * Fixed nested group issues with RFC2307bis LDAP servers without
      a memberOf plugin
    * Manpage reviewed and updated
* Mon Sep 13 2010
  - remove hard coded python version
* Fri Sep 03 2010
  - No dependencies on %{release}
* Mon Aug 30 2010
  - Updated to 1.3.1
    * Fixes to the HBAC backend for obsolete or removed HBAC entries
    * Improvements to log messages around TLS and GSSAPI for LDAP
    * Support for building in environments using --as-needed LDFLAGS
    * Vast performance improvement for initgroups on RFC2307 LDAP servers
    * Long-running SSSD clients (e.g. GDM) will now reconnect properly to the
    daemon if SSSD is restarted
    * Rewrote the internal LDB cache API. As a synchronous API it is now faster
    to access and easier to work with
    * Eugene Indenbom contributed a sizeable amount of code to the LDAP provider
    - We now handle failover situations much more reliably than we did
    - We also will now monitor the GSSAPI kerberos ticket and automatically
      renew it when appropriate, instead of waiting for a connection to fail
    * Support for netlink now allows us to more quickly detect situations
    where we may have come online
    * New option "dns_discovery_domain" allows better configuration for
    using SRV records for failover
  - New subpackages: libpath_utils1, libpath_utils-devel, libref_array1
    and libref_array-devel
* Wed Mar 31 2010
  - Package pam- and nss-Modules as baselibs
  - cleaned up file list and dependencies
  - fixed init script dependencies
* Wed Mar 31 2010
  - Updated to 1.1.0
    * Support for IPv6
    * Support for LDAP referrals
    * Offline failed login counter
    * Fix for the long-standing cache cleanup performance issues
    * libini_config, libcollection, libdhash, libref_array and
      libpath_utils are now built as shared libraries for general
      consumption (libref_array and libpath_utils are currently not
      packaged, as no component in sssd links against them)
    * Users get feedback from PAM if they authenticated offline
    * Native local backend now has a utility to show nested memberships
    * New "simple" access provider for easy restriction of users
  - Backported libcrypto support from master to avoid Mozilla NSS
  - Backported password policy improvments for LDAP provider from
* Mon Mar 08 2010
  - use logfiles for debug messages by default
* Fri Mar 05 2010
  - subpackages for commandline tools, ipa-provider plugin and
    python API
* Fri Feb 26 2010
  - Updated to 1.0.5. Highlights:
    * Removed some dead code (libreplace
    * Clarify licenses throughout the code
* Thu Feb 04 2010
  - Updated to 1.0.4
* Thu Oct 08 2009
  - Update to 0.6.0
* Fri Sep 04 2009
  - fix LDAP filter for initgroups() with  rfc2307bis setups
* Tue Sep 01 2009
  - initial package submission



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Jun 10 06:23:21 2017