-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-8003 2008-09-12 04:01:41 --------------------------------------------------------------------------------
Name : ipa Product : Fedora 9 Version : 1.1.0 Release : 7.fc9 URL : http://www.freeipa.org/ Summary : The Identity, Policy and Audit system Description : IPA is an integrated solution to provide centrally managed Identity (machine, user, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis thereof). -------------------------------------------------------------------------------- Update Information: Security update to address Kerberos master password disclosure flaw (CVE-2008-3274). A simple update is not sufficient to resolve the security issue. Please *carefully* follow the upgrade instructions at: http://freeipa.org/page/CVE-2008-3274 -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 10 2008 Simo Sorce <[EMAIL PROTECTED]> - 1.1.0-7 - Fix for CVE-2008-3274 * Wed Jul 23 2008 Simo Sorce <[EMAIL PROTECTED]> - 1.1.0-6 - Fix build error * Wed Jul 23 2008 Simo Sorce <[EMAIL PROTECTED]> - 1.1.0-5 - Fix segfault in ipa-kpasswd in case getifaddrs returns a NULL interface * Sun Jun 29 2008 Simo Sorce <[EMAIL PROTECTED]> - 1.1.0-4 - Add fix for bug #453185 * Mon Jun 23 2008 Simo Sorce <[EMAIL PROTECTED]> - 1.1.0-3 - Rebuild against openldap libraries, mozldap ones do not work properly * Wed Jun 18 2008 Rob Crittenden <[EMAIL PROTECTED]> - 1.1.0-2 - Add call to /usr/sbin/upgradeconfig to post install * Wed Jun 11 2008 Rob Crittenden <[EMAIL PROTECTED]> - 1.1.0-1 - Update to upstream version 1.1.0 - Patch for indexing memberof attribute - Patch for indexing uidnumber and gidnumber - Patch to change DNA default values for replicas - Patch to fix uninitialized variable in ipa-getkeytab * Fri May 23 2008 Rob Crittenden <[EMAIL PROTECTED]> - 1.0.0-7 - Add Requires for python-configobj to ipa-admintools * Thu May 15 2008 Rob Crittenden <[EMAIL PROTECTED]> - 1.0.0-6 - Set fedora-ds-base minimum version to 1.1.0.1-4 and mod_nss minimum version to 1.0.7-5 so we pick up the so we pick up the NSS fixes. - Add selinux-policy-base(post) to Requires (446496) * Tue Apr 29 2008 Rob Crittenden <[EMAIL PROTECTED]> - 1.0.0-5 - Add missing entry for /var/cache/ipa/kpasswd (444624) -------------------------------------------------------------------------------- References: [ 1 ] Bug #457835 - CVE-2008-3274 IPA Kerberos master password disclosure https://bugzilla.redhat.com/show_bug.cgi?id=457835 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ipa' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce