[SECURITY] Fedora 9 Update: ipa-1.1.0-7.fc9

updates at fedoraproject.org updates at fedoraproject.org
Fri Sep 12 05:14:30 UTC 2008


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-8003
2008-09-12 04:01:41
--------------------------------------------------------------------------------

Name        : ipa
Product     : Fedora 9
Version     : 1.1.0
Release     : 7.fc9
URL         : http://www.freeipa.org/
Summary     : The Identity, Policy and Audit system
Description :
IPA is an integrated solution to provide centrally managed Identity (machine,
user, virtual machines, groups, authentication credentials), Policy
(configuration settings, access control information) and Audit (events,
logs, analysis thereof).

--------------------------------------------------------------------------------
Update Information:

Security update to address Kerberos master password disclosure flaw
(CVE-2008-3274).    A simple update is not sufficient to resolve the security
issue.  Please *carefully* follow the upgrade instructions at:
http://freeipa.org/page/CVE-2008-3274
--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 10 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-7
- Fix for CVE-2008-3274
* Wed Jul 23 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-6
- Fix build error
* Wed Jul 23 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-5
- Fix segfault in ipa-kpasswd in case getifaddrs returns a NULL interface
* Sun Jun 29 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-4
- Add fix for bug #453185
* Mon Jun 23 2008 Simo Sorce <ssorce at redhat.com> - 1.1.0-3
- Rebuild against openldap libraries, mozldap ones do not work properly
* Wed Jun 18 2008 Rob Crittenden <rcritten at redhat.com> - 1.1.0-2
- Add call to /usr/sbin/upgradeconfig to post install
* Wed Jun 11 2008 Rob Crittenden <rcritten at redhat.com> - 1.1.0-1
- Update to upstream version 1.1.0
- Patch for indexing memberof attribute
- Patch for indexing uidnumber and gidnumber
- Patch to change DNA default values for replicas
- Patch to fix uninitialized variable in ipa-getkeytab
* Fri May 23 2008 Rob Crittenden <rcritten at redhat.com> - 1.0.0-7
- Add Requires for python-configobj to ipa-admintools
* Thu May 15 2008 Rob Crittenden <rcritten at redhat.com> - 1.0.0-6
- Set fedora-ds-base minimum version to 1.1.0.1-4 and mod_nss minimum
  version to 1.0.7-5 so we pick up the so we pick up the NSS fixes.
- Add selinux-policy-base(post) to Requires (446496)
* Tue Apr 29 2008 Rob Crittenden <rcritten at redhat.com> - 1.0.0-5
- Add missing entry for /var/cache/ipa/kpasswd (444624)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #457835 - CVE-2008-3274 IPA Kerberos master password disclosure
        https://bugzilla.redhat.com/show_bug.cgi?id=457835
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ipa' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list