-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-19221 2010-12-24 23:45:53 --------------------------------------------------------------------------------
Name : sssd Product : Fedora 14 Version : 1.5.0 Release : 1.fc14 URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon Description : Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services for projects like FreeIPA. -------------------------------------------------------------------------------- Update Information: * Fixed issues with LDAP search filters that needed to be escaped * Add Kerberos FAST support on platforms that support it * Reduced verbosity of PAM_TEXT_INFO messages for cached credentials * Added a Kerberos access provider to honor .k5login * Addressed several thread-safety issues in the sss_client code * Improved support for delayed online Kerberos auth * Significantly reduced time between connecting to the network/VPN and acquiring a TGT * Added feature for automatic Kerberos ticket renewal * Provides the kerberos ticket for long-lived processes or cron jobs even when the user logs out * Added several new features to the LDAP access provider * Support for 'shadow' access control * Support for authorizedService access control * Ability to mix-and-match LDAP access control features * Added an option for a separate password-change LDAP server for those platforms where LDAP referrals are not supported * Added support for manpage translations -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 22 2010 Stephen Gallagher <[email protected]> - 1.5.0-1 - New upstream release 1.5.0 - Fixed issues with LDAP search filters that needed to be escaped - Add Kerberos FAST support on platforms that support it - Reduced verbosity of PAM_TEXT_INFO messages for cached credentials - Added a Kerberos access provider to honor .k5login - Addressed several thread-safety issues in the sss_client code - Improved support for delayed online Kerberos auth - Significantly reduced time between connecting to the network/VPN and - acquiring a TGT - Added feature for automatic Kerberos ticket renewal - Provides the kerberos ticket for long-lived processes or cron jobs - even when the user logs out - Added several new features to the LDAP access provider - Support for 'shadow' access control - Support for authorizedService access control - Ability to mix-and-match LDAP access control features - Added an option for a separate password-change LDAP server for those - platforms where LDAP referrals are not supported - Added support for manpage translations * Thu Nov 18 2010 Stephen Gallagher <[email protected]> - 1.4.1-3 - Solve a shutdown race-condition that sometimes left processes running - Resolves: rhbz#606887 - SSSD stops on upgrade * Tue Nov 16 2010 Stephen Gallagher <[email protected]> - 1.4.1-2 - Log startup errors to the syslog - Allow cache cleanup to be disabled in sssd.conf * Mon Nov 1 2010 Stephen Gallagher <[email protected]> - 1.4.1-1 - New upstream release 1.4.1 - Add support for netgroups to the proxy provider - Fixes a minor bug with UIDs/GIDs >= 2^31 - Fixes a segfault in the kerberos provider - Fixes a segfault in the NSS responder if a data provider crashes - Correctly use sdap_netgroup_search_base * Mon Oct 18 2010 Stephen Gallagher <[email protected]> - 1.4.0-2 - Fix incorrect tarball URL * Mon Oct 18 2010 Stephen Gallagher <[email protected]> - 1.4.0-1 - New upstream release 1.4.0 - Added support for netgroups to the LDAP provider - Performance improvements made to group processing of RFC2307 LDAP servers - Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin - Build-system improvements to support Gentoo - Split out several libraries into the ding-libs tarball - Manpage reviewed and updated -------------------------------------------------------------------------------- References: [ 1 ] Bug #645832 - sssd craches AD https://bugzilla.redhat.com/show_bug.cgi?id=645832 [ 2 ] Bug #646781 - id only returns primary group membership https://bugzilla.redhat.com/show_bug.cgi?id=646781 [ 3 ] Bug #658689 - On screen unlock, pam_sss doesn't renew Kerberos ticket https://bugzilla.redhat.com/show_bug.cgi?id=658689 [ 4 ] Bug #658444 - sssd generates corrupt database when started by puppetd from kickstart %post https://bugzilla.redhat.com/show_bug.cgi?id=658444 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update sssd' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
