Пакет sssd-krb5-common: Информация
Бинарный пакет: sssd-krb5-common
Версия: 2.9.4-alt1
Архитектура: ppc64le
Собран: 20 февраля 2024 г. 20:56 в задании #335987
Исходный пакет: sssd
Категория: Система/Серверы
Сообщить об ошибке в пакетеЗагрузка: sssd-krb5-common-2.9.4-alt1.ppc64le.rpm
Домашняя страница: https://pagure.io/SSSD/sssd
Лицензия: GPLv3+
О пакете: SSSD helpers needed for Kerberos and GSSAPI authentication
Описание:
Provides helper processes that the LDAP and Kerberos back ends can use for Kerberos user or host authentication.
Сопровождающий: Evgeny Sinelnikov
Список участников:
Evgeny Sinelnikov
Ivan A. Melnikov
Sergey V Turchin
Stanislav Levin
Andrew A. Vasilyev
Alexey Shabalin
Alexey Sheplyakov
Sergey Bolshakov
Andrey Cherepanov
Evgeny Sinelnikov
Ivan A. Melnikov
Sergey V Turchin
Stanislav Levin
Andrew A. Vasilyev
Alexey Shabalin
Alexey Sheplyakov
Sergey Bolshakov
Andrey Cherepanov
Последнее изменение
17 января 2024 г. Evgeny Sinelnikov 2.9.4-alt1
- Update to latest 2.9 major release in long-term maintenance (LTM) phase. - Fixes from upstream: + A crash when PAM passkey processing incorrectly handles non-passkey data. + A workaround was implemented to handle gracefully misbehaving applications that destroy internal state of SSSD client librarires. + An error when rotating KCM's logs was fixed. + Group membership handling when members are coming from different forest domains and using ldap token groups is prohibited. + Files provider was erroneously taking into consideration local_auth_policy config option, thus breaking smartcard authentication of local user in setups that didn't explicitly specify this option.
20 ноября 2023 г. Evgeny Sinelnikov 2.9.3-alt1
- Update to latest 2.9 major release. + KCM: provide mechanism to purge expired credentials. + Default hardening - id_provider channel defaults unencrypted with starttls. + sssd-sudo missing debug statement in its .service file. + SSSD goes offline during initgroups of trusted user if a group is missing SID. + Incorrect handling of reverse IPv6 update results in update failure. + sssd-2.9.2 breaks smart card authentication (on el8). - The proxy provider is now able to handle certificate mapping and matching rules and users handled by the proxy provider can be configured for local Smartcard authentication. - Passkey doesn't fail when using FreeIPA server-side authentication and require-user-verification=false. - When adding a new credential to KCM and the user has already reached their limit, the oldest expired credential will be removed to free some space.
6 октября 2023 г. Evgeny Sinelnikov 2.9.2-alt1
- Update to latest 2.9 major release. - sss_simpleifp library removed due it deprecated. - "Files provider" removed due it deprecated, using "Proxy provider" with proxy_lib_name = files instead. - New passkey functionality, which will allow the use of FIDO2 compliant devices to authenticate a centrally managed user locally. - Default value of cache_first option was changed to true. - sssctl cert-show and cert-show cert-eval-rule can now be run as non-root user. - certmap: Handle type change of x400Address (due to CVE-2023-0286). - New option local_auth_policy is added to control which offline authentication methods will be enabled by SSSD. - SSSD can be configured not to perform a DNS search during DNS name resolution. This behavior is governed by the new dns_resolver_use_search_list in the domain section. Default value is true (follows the system settings).