Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: ipa-selinux | Distribution: CentOS |
Version: 4.12.2 | Vendor: CentOS |
Release: 1.el10 | Build date: Thu Aug 22 08:00:07 2024 |
Group: Unspecified | Build host: aarch64-02.stream.rdu2.redhat.com |
Size: 16959 | Source RPM: ipa-4.12.2-1.el10.src.rpm |
Packager: builder@centos.org | |
Url: http://www.freeipa.org/ | |
Summary: FreeIPA SELinux policy |
Custom SELinux policy module for FreeIPA
GPL-3.0-or-later
* Thu Aug 22 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.2.1 - Resolves: RHEL-54545 Covscan issues: Resource Leak - Resolves: RHEL-54304 support for python cryptography 43.0.0 - Resolves: RHEL-49805 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w - Resolves: RHEL-46897 With unreachable AD, ipa trust returns an internal error * Thu Aug 08 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.1-4 - Resolves: RHEL-53501 adtrustinstance only prints issues in check_inst() and does not log them - Resolves: RHEL-52305 Unconditionally add MS-PAC to global config - Resolves: RHEL-52223 ipa-replica/server-install with softhsm needs to check permission/ownership of /var/lib/softhsm/tokens to avoid install failure - Resolves: RHEL-51937 Include latest fixes in python3-ipatests packages - Resolves: RHEL-50805 ipa-migrate -Z with invalid cert options fails with 'ValueError: option error' - Resolves: RHEL-49805 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w - Resolves: RHEL-49592 'Unable to log in as uid=admin-replica.testrealm.test,ou=people,o=ipaca' during replica install - Resolves: RHEL-4879 RFE - Keep the configured value for the "nsslapd-ignore-time-skew" after a "force-sync" * Thu Jul 18 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.1-3 - Resolves: RHEL-49452 Include latest fixes in python3-ipatests packages - Resolves: RHEL-49433 Adjust "ipa config-mod --addattr ipaconfigstring=EnforceLDAPOTP" to allow for non OTP users in some cases - Resolves: RHEL-49432 ipa-migrate stage-mode is failing with error: Modifying a mapped attribute in a managed entry is not allowed - Resolves: RHEL-49413 ipa-migrate with -Z option fails with ValueError: option error - Resolves: RHEL-47157 ipa-migrate -V options fails to display version - Resolves: RHEL-47148 Pagure #9629: Syntax error uninstalling the selinux-luna subpackage - Resolves: RHEL-40892 ipa-server-install: token_password_file read in kra.install_check after calling hsm_validator in ca.install_check * Mon Jul 08 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.1-2 - Resolves: RHEL-46607 kdc.crt certificate not getting automatically renewed by certmonger in IPA Hidden replica - Resolves: RHEL-46606 ipa-client rpm post script creates always ssh_config.orig even if nothing needs to be changed - Resolves: RHEL-46605 IPA Web UI not showing replication agreement for non-admin users - Resolves: RHEL-46592 [RFE] Allow IPA SIDgen task to continue if it finds an entity that SID can't be assigned to - Resolves: RHEL-46556 Include latest fixes in python3-ipatests packages - Resolves: RHEL-42705 PSKC.xml issues with ipa_otptoken_import.py * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 4.12.1-1.1 - Bump release for June 2024 mass rebuild * Wed Jun 12 2024 Julien Rische <jrische@redhat.com> - 4.12.1-1 - Resolves: RHEL-32233 CVE-2024-3183 freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force - Resolves: RHEL-40881 CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service * Tue Jun 04 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.0-1 - Resolves: RHEL-39144 Rebase ipa to the latest 4.12 version for RHEL 10 - Resolves: RHEL-30537 ipa: freeipa: argument injection into the username field of the /ipa/session/login_password requests * Thu Feb 22 2024 Troy Dawson <tdawson@redhat.com> - 4.11.1-4 - Bump release to rebuild on correct samba * Thu Feb 08 2024 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.1-3 - Support 389-ds with lmdb backend * Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.11.1-2 - Rebuild against Samba 4.20rc1 - Fix memory leak in Kerberos KDC driver - Fix possible crash in IPA command line tool when accessing Kerberos credentials - Compatibility fix for Python Cryptography 42.0.0 - NetBIOS defaults fix - Fix default host keytab retrieval permissions * Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.11.1-1.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.11.1-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Wed Jan 10 2024 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.1-1 - Security release: CVE-2023-5455 - Resolves: rhbz#2257646 * Wed Nov 08 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.0-7 - ipalib: fix the IPACertificate validity dates (python 3.12 compatibility) - Handle PKI revocation response differences in JSON API - Allow removal of minimal length from a custom password policy * Mon Oct 23 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.0-6 - Adopt trust to AD code to Samba changes in case SIDs are malformed * Tue Oct 03 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.0-5 - FreeIPA 4.11.0 release - Simplify Fedora spec file - Release notes: https://www.freeipa.org/release-notes/4-11-0.html * Mon Sep 18 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.0-4.beta1 - Depend on selinux-policy-38.28-1.fc39 - Add SELinux policy for passkey_child to be used without ipa-otpd - Related: rhbz#2238474 * Tue Sep 12 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.0-3.beta1 - Restore properly SELinux context during IPA client uninstallation - Related: rhbz#2238474 * Tue Sep 12 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.0-2.beta1 - Set 'sssd_use_usb' SELinux boolean when enrolling IPA client - Resolves: rhbz#2238474 * Mon Aug 21 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.11.0-1.beta1 - FreeIPA 4.11.0 beta 1 - Release notes: https://www.freeipa.org/release-notes/4-11-0-beta.html * Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.10.2-1.3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Wed Jul 05 2023 Miro HronĨok <mhroncok@redhat.com> - 4.10.2-1.2 - Use ssl.match_hostname from urllib3 as it was removed from Python 3.12 * Tue Jun 27 2023 Python Maint <python-maint@redhat.com> - 4.10.2-1.1 - Rebuilt for Python 3.12 * Tue Jun 13 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.10.2-1 - Upstream release FreeIPA 4.10.2 - Synchronize patches with CentOS 9 Stream * Mon May 15 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.10.1-5 - Support python-cryptography 40.0 * Thu Mar 30 2023 Jerry James <loganjerry@gmail.com> - 4.10.1-4 - Change fontawesome-fonts R to match fontawesome 4.x * Fri Jan 20 2023 Alexander Bokovoy <abokovoy@redhat.com> - 4.10.1-3 - Rebuild against Samba 4.18.0RC1 * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.10.1-2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Thu Dec 01 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.10.1-2 - Rebuild against krb5-1.20.1-1 * Sun Nov 27 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.10.1-1 - Upstream release FreeIPA 4.10.1 * Wed Sep 14 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.10.0-6 - Rebuild against final samba 4.17.0 release * Wed Aug 24 2022 Adam Williamson <awilliam@redhat.com> - 4.10.0-5 - Rebuild against new samba-client-libs (for F37) * Wed Aug 24 2022 Thomas Woerner <twoerner@redhat.com> - 4.10.0-4 - Disabling gracelimit does not prevent LDAP binds - webui: Allow grace login limit - Fix dns resolver for nameservers with ports - Set passwordgracelimit to match global policy on group pw policies
/usr/share/selinux/packages/targeted/ipa.pp.bz2 /var/lib/selinux/targeted/active/modules/200/ipa
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Nov 15 08:31:45 2024