tieto team mailing list archive
-
tieto team
-
Mailing list archive
-
Message #00600
[Bug 1086304] [NEW] new upstream bugfix release from the LTM branch
You have been subscribed to a public bug by Ballock (ballock):
SSSD 1.8.5 was released on Oct 7th, and it is the latest release from
the current LTM (Long Term Maintenance) branch. 12.04 was released with
1.8.2, so the following summarizes the changes since:
1.8.3:
Highlights
Numerous manpage and translation updates
LDAP: Handle situations where the RootDSE isn't available anonymously
LDAP: Fix regression for users using non-standard LDAP attributes for user information
Tickets Fixed
#1183 sssd.conf man page does not list autofs in the list of known services
#1219 Warn on 'make update-po' if there are manpages not listed in po4a.cfg
#1249 Unable to lookup user aliases with proxy provider.
#1258 SSSD should attempt to get the RootDSE after binding
#1265 document the possible performance gains of disabling referral chasing
#1278 Inadequate info in man page for "ldap_disable_paging" feature
#1290 No info in sssd manpages for "ldap_sasl_minssf"
#1295 Fix erronous reference to the 'allow' access_provider
#1300 autofs: maximum key name must be PATH_MAX
#1307 sdap_check_aliases must not error when detects the same user
#1312 group members are now lowercased in case insensitive domains
#1315 New SSSD does not fetch renewable tickets
#1320 Auth fails for user with non-default attribute names
1.8.4:
Highlights
Fix a bug causing AD servers not to fail over properly when the KDC on the primary server is down
Fix an endianness bug on big-endian systems when looking up services
Fix a segfault dealing with nested groups
Make the nowait cache updates work for netgroups
Fix a regression that broke domains with use_fully_qualified_names = True
Tickets Fixed
#1206 RHEL5 detection in sssd.spec.in does not work
#1321 Warning in debug log about nscd
#1322 Special-case LDAP_SIZELIMIT_EXCEEDED when handling ldap return codes
#1324 LDAP provider needs to use all available servers for GSSAPI if the child times out
#1325 heimdal: configure: Kerberos locator plugin cannot be build
#1329 Group enumeration fails in proxy provider
#1333 Potential NULL dereference in proxy provider
#1335 sss_groupadd no longer detects duplicate GID numbers
#1338 sssd does not provide maps for automounter when custom schema is being used
#1340 SSSD netgroups do not honor entry_cache_nowait_percentage
#1343 sssd_be crashed with SIGSEGV in _tevent_schedule_immediate()
#1344 Loading of selinux user maps broken
#1348 Service lookups by port number doesn't work on s390x/ppc64 arches
1.8.5:
Highlights
Fixed a potential segfault when SRV records are used to discover services
The client libraries now use robust mutexes to avoid a potential deadlock if a thread was cancelled while holding a mutex
Do not return an error when the SELinux support is not configured
Fixed returning an error to the PAM stack when the SSSD was performing authentication but the kpasswd server was unreachable
The SSSD used to skip a whole nesting level instead of a single already processed group when loading nested group membership structure
Added support for terminating idle connections and make the idle timeout configurable
The sss_ssh_knownostsproxy command no longer aborts when processing a host without DNS records
The shadowLastChange attribute is noe correctly updated with days since the Epoch, not seconds
Tickets Fixed
#1356 SSH: Don't abort connection in sss_ssh_knownhostsproxy when DNS records are missing
#1271 Use HTML_TIMESTAMP instead of HTML_FOOTER_DESCRIPTION
#1360 Provide "service filter" for SELinux context
#1354 Add support for terminating idle connections
#1452 KRB5: Only return PAM error for unreachable kpasswd when performing chpass
#1419 Fixed wrong number in shadowLastChange
#1460 Use PTHREAD_MUTEX_ROBUST to avoid deadlock in the client
#1515 KRB5: Return PAM_AUTH_ERR on incorrect password
#1364 FO: Check server validity before setting status
diffstat:
Makefile.am | 12
configure.ac | 15
contrib/sssd.spec.in | 12
po/LINGUAS | 1
po/de.po | 32
po/es.po | 70 -
po/fr.po | 79 -
po/hu.po | 46
po/id.po | 50
po/it.po | 65 -
po/ja.po | 93 -
po/nb.po | 1476 +++++++++++++++++++++++
po/nl.po | 70 -
po/pl.po | 158 +-
po/pt.po | 69 -
po/ru.po | 62
po/sssd.pot | 26
po/sv.po | 52
po/tg.po | 32
po/uk.po | 200 ++-
po/zh_TW.po | 54
src/confdb/confdb.h | 5
src/config/SSSDConfig.py | 2
src/config/SSSDConfigTest.py | 3
src/config/etc/sssd.api.conf | 1
src/config/etc/sssd.api.d/sssd-proxy.conf | 1
src/db/sysdb.c | 16
src/db/sysdb.h | 2
src/db/sysdb_ops.c | 46
src/doxy.config.in | 7
src/external/krb5.m4 | 15
src/krb5_plugin/sssd_krb5_locator_plugin.c | 3
src/man/include/local.xml | 20
src/man/po/cs.po | 1064 +++++++++-------
src/man/po/es.po | 1076 +++++++++--------
src/man/po/fr.po | 1099 +++++++++--------
src/man/po/ja.po | 1217 +++++++++++--------
src/man/po/nl.po | 1072 +++++++++--------
src/man/po/po4a.cfg | 1
src/man/po/pt.po | 1072 +++++++++--------
src/man/po/ru.po | 1070 +++++++++--------
src/man/po/sssd-docs.pot | 1044 +++++++++-------
src/man/po/tg.po | 1070 +++++++++--------
src/man/po/uk.po | 1691 +++++++++++++++++++--------
src/man/sss_groupadd.8.xml | 2
src/man/sss_groupdel.8.xml | 2
src/man/sss_groupmod.8.xml | 2
src/man/sss_groupshow.8.xml | 2
src/man/sss_ssh_knownhostsproxy.1.xml | 2
src/man/sss_useradd.8.xml | 2
src/man/sss_userdel.8.xml | 2
src/man/sss_usermod.8.xml | 2
src/man/sssd-ldap.5.xml | 33
src/man/sssd.conf.5.xml | 121 +
src/providers/data_provider_fo.c | 27
src/providers/dp_backend.h | 1
src/providers/fail_over.c | 13
src/providers/fail_over.h | 2
src/providers/ipa/ipa_hbac.doxy.in | 7
src/providers/ipa/ipa_session.c | 2
src/providers/krb5/krb5_auth.c | 20
src/providers/krb5/krb5_child.c | 102 +
src/providers/ldap/ldap_auth.c | 4
src/providers/ldap/ldap_child.c | 18
src/providers/ldap/sdap_async.c | 66 -
src/providers/ldap/sdap_async_autofs.c | 2
src/providers/ldap/sdap_async_connection.c | 180 ++
src/providers/ldap/sdap_async_groups.c | 24
src/providers/ldap/sdap_async_initgroups.c | 18
src/providers/proxy/proxy.h | 1
src/providers/proxy/proxy_id.c | 731 ++++++-----
src/providers/proxy/proxy_init.c | 4
src/responder/common/responder.h | 3
src/responder/common/responder_common.c | 95 +
src/responder/nss/nsssrv_cmd.c | 16
src/responder/nss/nsssrv_netgroup.c | 10
src/sss_client/autofs/sss_autofs.c | 6
src/sss_client/common.c | 127 +-
src/sss_client/nss_services.c | 16
src/sss_client/pam_sss.c | 118 +
src/sss_client/ssh/sss_ssh_client.c | 8
src/sss_client/ssh/sss_ssh_knownhostsproxy.c | 94 -
src/sss_client/sudo/sss_sudo.c | 6
src/sss_client/sudo/sss_sudo.doxy.in | 7
src/tests/sysdb-tests.c | 143 ++
src/util/murmurhash3.c | 4
src/util/sss_krb5.c | 145 ++
src/util/sss_krb5.h | 8
version.m4 | 2
89 files changed, 10508 insertions(+), 5963 deletions(-)
The large diff in proxy_id.c was due to
https://fedorahosted.org/sssd/ticket/1249.
** Affects: sssd (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: sssd (Ubuntu Precise)
Importance: High
Assignee: Timo Aaltonen (tjaalton)
Status: In Progress
--
new upstream bugfix release from the LTM branch
https://bugs.launchpad.net/bugs/1086304
You received this bug notification because you are a member of Tieto, which is subscribed to the bug report.
