Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

ipa-server-dns-4.12.2-1.el9_5.2.alma.1 RPM for noarch

From AlmaLinux 9.5 AppStream for x86_64

Name: ipa-server-dns Distribution: AlmaLinux
Version: 4.12.2 Vendor: AlmaLinux
Release: 1.el9_5.2.alma.1 Build date: Mon Dec 23 10:31:42 2024
Group: Unspecified Build host: s390x-builder01.almalinux.org
Size: 94281 Source RPM: ipa-4.12.2-1.el9_5.2.alma.1.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: http://www.freeipa.org/
Summary: IPA integrated DNS server with support for automatic DNSSEC signing
IPA integrated DNS server with support for automatic DNSSEC signing.
Integrated DNS server is BIND 9. OpenDNSSEC provides key management.

Provides

Requires

License

GPL-3.0-or-later

Changelog

* Mon Dec 23 2024 Eduard Abdullin <eabdullin@almalinux.org> - 4.12.2-1.2.alma.1
  - Add ipa-idrange-fix
  - ipatests: Add missing comma in
   test_idrange_no_rid_bases_reversed
  - ipatests: Fixes for ipa-idrange-fix testsuite
  - Do not let user with an expired OTP token to log in if only
   OTP is allowed
* Wed Aug 21 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.2-1
  - Resolves: RHEL-54546 Covscan issues: Resource Leak
  - Resolves: RHEL-49602 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w
  - Resolves: RHEL-40359 With unreachable AD, ipa trust returns an internal error
* Thu Aug 08 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.0-7
  - Resolves: RHEL-53500 adtrustinstance only prints issues in check_inst() and does not log them
  - Resolves: RHEL-52306 Unconditionally add MS-PAC to global config
  - Resolves: RHEL-52300 RFE - Keep the configured value for the "nsslapd-ignore-time-skew" after a "force-sync"
  - Resolves: RHEL-52222 ipa-replica/server-install with softhsm needs to check permission/ownership of /var/lib/softhsm/tokens to avoid install failure
  - Resolves: RHEL-51944 Include latest fixes in python3-ipatests packages
  - Resolves: RHEL-50804 ipa-migrate -Z with invalid cert options fails with 'ValueError: option error'
  - Resolves: RHEL-49602 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w
  - Resolves: RHEL-27856 'Unable to log in as uid=admin-replica.testrealm.test,ou=people,o=ipaca' during replica install
* Thu Jul 18 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.0-6
  - Resolves: RHEL-47292 Include latest fixes in python3-ipatests packages
  - Resolves: RHEL-47146 Syntax error uninstalling the selinux-luna subpackage
  - Resolves: RHEL-46009 ipa-migrate with -Z option fails with ValueError: option error
  - Resolves: RHEL-46003 ipa-migrate -V options fails to display version
  - Resolves: RHEL-45463 ipa-migrate stage-mode is failing with error: Modifying a mapped attribute in a managed entry is not allowed
  - Resolves: RHEL-40890 ipa-server-install: token_password_file read in kra.install_check after calling hsm_validator in ca.install_check
  - Resolves: RHEL-40661 Adjust "ipa config-mod --addattr ipaconfigstring=EnforceLDAPOTP" to allow for non OTP users in some cases
* Mon Jul 08 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.0-5
  - Resolves: RHEL-37285 IPA Web UI not showing replication agreement for non-admin users
  - Resolves: RHEL-42703 PSKC.xml issues with ipa_otptoken_import.py
  - Resolves: RHEL-41194 ipa-client rpm post script creates always ssh_config.orig even if nothing needs to be changed
  - Resolves: RHEL-39477 kdc.crt certificate not getting automatically renewed by certmonger in IPA Hidden replica
  - Resolves: RHEL-46559 Include latest fixes in python3-ipatests packages
  - Resolves: RHEL-22188 [RFE] Allow IPA SIDgen task to continue if it finds an entity that SID can't be assigned to
* Mon Jun 10 2024 Julien Rische <jrische@redhat.com> - 4.12.0-4
  - Resolves: RHEL-29928 CVE-2024-3183 freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force
  - Resolves: RHEL-29691 CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service
* Wed Jun 05 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.0-3
  - Related: RHEL-34809
  temporarily revert a commit that depends on newer version of python-jwcrypto
* Tue Jun 04 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.0-2
  - Resolves: RHEL-39950 ipa-client can't be installed because of a missing dependency
* Wed May 29 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.0-1
  - Resolves: RHEL-39140 Rebase ipa to the latest 4.12 version for RHEL 9.5
  - Resolves: RHEL-34757 The change for preventing deletion of the admin user caused a regression in disable
  - Resolves: RHEL-30553 Depend on nfsv4-client-utils or nfs-utils
  - Resolves: RHEL-29762 IPA sidgen fails to create SID for manually set ID for a new range [rhel-9.5.0]
  - Resolves: RHEL-26261 Fix replica connection check for use with AD administrator
  - Resolves: RHEL-18062 ipa ca-show NAME --certificate-out=file creates empty file when NAME does not exist
  - Resolves: RHEL-12149 traceback in ipaserver/dcerpc.py
  - Resolves: RHEL-4810 [RFE] FreeIPA-to-FreeIPA migration
  - Resolves: RHEL-4807 [RFE] Support in IPA for HSM boxes
* Tue Apr 30 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-11
  - Resolves: RHEL-33645 - Update samba to version 4.20.0
* Fri Mar 29 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-10
  - Resolves: RHEL-23377 Enforce OTP for ldap bind (in some scenarios)
  - Resolves: RHEL-29745 Unable to re-add broken AD trust - NT_STATUS_INVALID_PARAMETER
  - Resolves: RHEL-30905 Backport latest test fixes in ipa
* Thu Mar 07 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-9
  - Resolves: RHEL-28258 vault fails on non-fips client if server is in FIPS mode
  - Resolves: RHEL-26154 ipa: freeipa: specially crafted HTTP requests potentially lead to DoS or data exposure
* Tue Feb 20 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-8
  - Resolves: RHEL-12143 'ipa vault-add is failing with ipa: ERROR: an internal error has occurred in FIPS mode
  - Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available
* Fri Feb 16 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-7
  - Resolves: RHEL-25260 tier-1-upstream-dns-locations failed on RHEL8.8 gating
  - Resolves: RHEL-25738 ipa-kdb: Cannot determine if PAC generator is available
  - Resolves: RHEL-25815 Backport latest test fixes in python3-ipatests
* Fri Feb 09 2024 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-6
  - Resolves: RHEL-23627 IPA stops working if HTTP/... service principal was created before FreeIPA 4.4.0 and never modified
  - Resolves: RHEL-23625 sidgen plugin does not ignore staged users
  - Resolves: RHEL-23621 session cookie can't be read
  - Resolves: RHEL-22372 Gating-DL1 test failure in test_integration/test_dns_locations.py::TestDNSLocations::()::test_ipa_ca_records
  - Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix
  - Resolves: RHEL-17996 Memory leak in IdM's KDC
* Thu Jan 18 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-5
  - Resolves: RHEL-12589 ipa: Invalid CSRF protection
  - Resolves: RHEL-19748 ipa hbac-test did not report that it hit an arbitrary search limit
  - Resolves: RHEL-21059 'DogtagCertsConfigCheck' fails, displaying the error message 'Malformed directive: ca.signing.certnickname=caSigningCert cert-pki-ca'
  - Resolves: RHEL-21804 ipa client 4.10.2 - Failed to obtain host TGT
  - Resolves: RHEL-21809 CA less servers are failing to be added in topology segment for domain suffix
  - Resolves: RHEL-21810 ipa-client-install --automount-location does not work
  - Resolves: RHEL-21811 Handle change in behavior of pki-server ca-config-show in pki 11.5.0
  - Resolves: RHEL-21812 Backport latest test fixes in ipa
  - Resolves: RHEL-21813 krb5kdc fails to start when pkinit and otp auth type is enabled in ipa
  - Resolves: RHEL-21815 IPA 389ds plugins need to have better logging and tracing
  - Resolves: RHEL-21937 Make sure a default NetBIOS name is set if not passed in by ADTrust instance constructor
* Fri Dec 01 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-4
  - Resolves: RHEL-16985 Handle samba 4.19 changes in samba.security.dom_sid()
* Mon Nov 20 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-3
  - Resolves: RHEL-14428 healthcheck reports nsslapd-accesslog-logbuffering is set to 'off'
* Mon Nov 06 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-2
  - Resolves: RHEL-14292 Backport latest test fixes in python3-ipatests
  - Resolves: RHEL-15443 Server install: failure to install with externally signed CA because of timezone issue
  - Resolves: RHEL-15444 Minimum length parameter in pwpolicy cannot be removed with empty string
  - Resolves: RHEL-14842 Upstream xmlrpc tests are failing in RHEL9.4
* Fri Oct 06 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.11.0-1
  - Resolves: RHEL-11652 Rebase ipa to latest 4.11.x version for RHEL 9.4
* Thu Aug 17 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.2-4
  - Resolves: rhbz#2231847 RHEL 8.8 & 9.2 fails to create AD trust with STIG applied
  - Resolves: rhbz#2232056 Include latest test fixes in python3-ipatests
* Thu Aug 10 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.2-3
  - Resolves: rhbz#2229712 Delete operation protection for admin user
  - Resolves: rhbz#2227831 Interrupt request processing in ipadb_fill_info3() if connection to 389ds is lost
  - Resolves: rhbz#2227784 libipa_otp_lasttoken plugin memory leak
  - Resolves: rhbz#2224570 Improved error messages are needed when attempting to add a non-existing idp to a user
  - Resolves: rhbz#2230251 Backport latest test fixes to python3-ipatests
* Thu Jun 29 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.2-2
  - Resolves: rhbz#2192969 Better handling of the command line and web UI cert search and/or list features
  - Resolves: rhbz#2214933 Uninstalling of the IPA server is encountering a failure during the unconfiguration of the CA (Unconfiguring CA)
  - Resolves: rhbz#2216114 After updating the RHEL from 8.7 to 8.8, IPA services fails to start
  - Resolves: rhbz#2216549 Upgrade to 4.9.10-6.0.1 fails: attributes are managed by topology plugin
  - Resolves: rhbz#2216611 Backport latest test fixes in python3-ipatests
  - Resolves: rhbz#2216872 User authentication failing on OTP validation using multiple tokens, succeeds with password only
* Tue Jun 06 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.2-1
  - Resolves: rhbz#2196426 [Rebase] Rebase ipa to latest 4.10.x release for RHEL 9.3
  - Resolves: rhbz#2192969 Better handling of the command line and web UI cert search and/or list features
  - Resolves: rhbz#2192625 Better catch of the IPA web UI event "IPA Error 4301:CertificateOperationError", and IPA httpd error CertificateOperationError
  - Resolves: rhbz#2188567 IPA client Kerberos configuration incompatible with java
  - Resolves: rhbz#2182683 Tolerate absence of PAC ticket signature depending of domain and servers capabilities [rhel-9]
  - Resolves: rhbz#2180914 Sequence processing failures for group_add using server context
  - Resolves: rhbz#2165880 Add RBCD support to IPA
  - Resolves: rhbz#2160399 get_ranges - [file ipa_sidgen_common.c, line 276]: Failed to convert LDAP entry to range struct
* Wed Feb 22 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-6
  - Resolves: rhbz#2169632 Backport latest test fixes in python3-ipatests
* Mon Feb 13 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-5
  - Resolves: rhbz#2162656 Passwordless (GSSAPI) SSH not working for subdomain
  - Resolves: rhbz#2166326 Removing the last DNS type for ipa-ca does not work
  - Resolves: rhbz#2167473 RFE - Add a warning note about possible performance impact of the Auto Member rebuild task
  - Resolves: rhbz#2168244 requestsearchtimelimit=0 doesn't seems to be work with ipa-acme-manage pruning command
* Mon Feb 06 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-4
  - Resolves: rhbz#2161284 'ERROR Could not remove /tmp/tmpbkw6hawo.ipabkp' can be seen prior to 'ipa-client-install' command was successful
  - Resolves: rhbz#2164403 ipa-trust-add with --range-type=ipa-ad-trust-posix fails while creating an ID range
  - Resolves: rhbz#2162677 RFE: Implement support for PKI certificate and request pruning
  - Resolves: rhbz#2167312 - Backport latest test fixes in python3-ipatests

Files

/etc/ipa/dnssec
/etc/sysconfig/ipa-dnskeysyncd
/etc/sysconfig/ipa-ods-exporter
/usr/lib/systemd/system/ipa-dnskeysyncd.service
/usr/lib/systemd/system/ipa-ods-exporter.service
/usr/lib/systemd/system/ipa-ods-exporter.socket
/usr/libexec/ipa/ipa-dnskeysync-replica
/usr/libexec/ipa/ipa-dnskeysyncd
/usr/libexec/ipa/ipa-ods-exporter
/usr/sbin/ipa-dns-install
/usr/share/doc/ipa-server-dns
/usr/share/doc/ipa-server-dns/Contributors.txt
/usr/share/doc/ipa-server-dns/README.md
/usr/share/licenses/ipa-server-dns
/usr/share/licenses/ipa-server-dns/COPYING
/usr/share/man/man1/ipa-dns-install.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Dec 24 10:12:44 2024