The SSSD team is proud to announce the bugfix release of the System Security Services Daemon version 1.8.4.
As usual, the source can be downloaded from https://fedorahosted.org/sssd/ == Highlights == Fix a bug causing AD servers not to fail over properly when the KDC on the primary server is down Fix an endianness bug on big-endian systems when looking up services Fix a segfault dealing with nested groups Make the nowait cache updates work for netgroups Fix a regression that broke domains with use_fully_qualified_names = True == Tickets Fixed == https://fedorahosted.org/sssd/ticket/1206 RHEL5 detection in sssd.spec.in does not work https://fedorahosted.org/sssd/ticket/1321 Warning in debug log about nscd https://fedorahosted.org/sssd/ticket/1322 Special-case LDAP_SIZELIMIT_EXCEEDED when handling ldap return codes https://fedorahosted.org/sssd/ticket/1324 LDAP provider needs to use all available servers for GSSAPI if the child times out https://fedorahosted.org/sssd/ticket/1325 heimdal: configure: Kerberos locator plugin cannot be build https://fedorahosted.org/sssd/ticket/1329 Group enumeration fails in proxy provider https://fedorahosted.org/sssd/ticket/1333 Potential NULL dereference in proxy provider https://fedorahosted.org/sssd/ticket/1335 sss_groupadd no longer detects duplicate GID numbers https://fedorahosted.org/sssd/ticket/1338 sssd does not provide maps for automounter when custom schema is being used https://fedorahosted.org/sssd/ticket/1340 SSSD netgroups do not honor entry_cache_nowait_percentage https://fedorahosted.org/sssd/ticket/1343 sssd_be crashed with SIGSEGV in _tevent_schedule_immediate() https://fedorahosted.org/sssd/ticket/1344 Loading of selinux user maps broken https://fedorahosted.org/sssd/ticket/1348 Service lookups by port number doesn't work on s390x/ppc64 arches == Detailed Changelog == Ariel Barria (2): Potential NULL dereference in proxy provider Warn to syslog when dereference requests fail Jakub Hrozek (11): Special-case LDAP_SIZELIMIT_EXCEEDED Kerberos locator: Include the correct krb5.h header file krb5 locator: Do not leak addrinfo Try all KDCs when getting TGT for LDAP Send the correct enumeration request SYSDB: Handle user and group renames better Use the sysdb attribute name, not LDAP attribute name LDAP nested groups: Do not process callback with _post deep in the nested structure Use sized_string correctly in FQDN domains Send 16bit protocol numbers from the sss_client Revert the client packet length, too, after reverting the packet protocol Jan Engelhardt (1): build: resolve link failure Jan Zeleny (1): Fixed issue in SELinux user maps Stef Walter (3): Limit krb5_get_init_creds_keytab() to etypes in keytab If canon'ing principals, write ccache with updated default principal Remove erroneous failure message in find_principal_in_keytab Stephen Gallagher (7): Bump version to 1.8.4 murmurhash: Relax inline requirement RPM: Allow running 'make rpms' on RHEL 5 machines NSS: Expire in-memory netgroup cache before the nowait timeout KRB5: Avoid NULL-dereference with empty keytab NSS: Restore original protocol for getservbyport Updating translations for 1.8.4 release
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Freeipa-interest mailing list Freeipa-interest@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-interest