Package sssd-krb5: Information
Binary package: sssd-krb5
Version: 2.9.4-alt2
Architecture: aarch64
Build time: May 3, 2024, 11:28 PM in the task #342425
Source package: sssd
Category: System/Servers
Report package bugDownload: sssd-krb5-2.9.4-alt2.aarch64.rpm
Home page: https://pagure.io/SSSD/sssd
License: GPLv3+
Summary: The Kerberos authentication back end for the SSSD
Description:
Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.
Maintainer: Evgeny Sinelnikov
List of contributors:
Evgeny Sinelnikov
Ivan A. Melnikov
Sergey V Turchin
Stanislav Levin
Andrew A. Vasilyev
Alexey Shabalin
Alexey Sheplyakov
Sergey Bolshakov
Andrey Cherepanov
Evgeny Sinelnikov
Ivan A. Melnikov
Sergey V Turchin
Stanislav Levin
Andrew A. Vasilyev
Alexey Shabalin
Alexey Sheplyakov
Sergey Bolshakov
Andrey Cherepanov
Last changed
March 15, 2024 Evgeny Sinelnikov 2.9.4-alt2
- Update 2.9 major release with fixes from upstream: + Fix the build with Samba 4.20. + IFP: don't trigger backtrace in case of ACL check fail. + krb5_child: fix order of calloc arguments. + pam: fix SC auth with multiple certs and missing login name.
Jan. 17, 2024 Evgeny Sinelnikov 2.9.4-alt1
- Update to latest 2.9 major release in long-term maintenance (LTM) phase. - Fixes from upstream: + A crash when PAM passkey processing incorrectly handles non-passkey data. + A workaround was implemented to handle gracefully misbehaving applications that destroy internal state of SSSD client librarires. + An error when rotating KCM's logs was fixed. + Group membership handling when members are coming from different forest domains and using ldap token groups is prohibited. + Files provider was erroneously taking into consideration local_auth_policy config option, thus breaking smartcard authentication of local user in setups that didn't explicitly specify this option.
Nov. 20, 2023 Evgeny Sinelnikov 2.9.3-alt1
- Update to latest 2.9 major release. + KCM: provide mechanism to purge expired credentials. + Default hardening - id_provider channel defaults unencrypted with starttls. + sssd-sudo missing debug statement in its .service file. + SSSD goes offline during initgroups of trusted user if a group is missing SID. + Incorrect handling of reverse IPv6 update results in update failure. + sssd-2.9.2 breaks smart card authentication (on el8). - The proxy provider is now able to handle certificate mapping and matching rules and users handled by the proxy provider can be configured for local Smartcard authentication. - Passkey doesn't fail when using FreeIPA server-side authentication and require-user-verification=false. - When adding a new credential to KCM and the user has already reached their limit, the oldest expired credential will be removed to free some space.