ELSA-2015-1462

Описание

[3.0.0-47.el6]

• Resolves: #1220788 - Some IPA schema files are not RFC 4512 compliant

[3.0.0-46.el6]

• Use tls version range in NSSHTTPS initialization
• Resolves: #1154687 - POODLE: force using safe ciphers (non-SSLv3) in IPA client and server
• Resolves: #1012224 - host certificate not issued to client during ipa-client-install

[3.0.0-45.el6]

• Resolves: #1205660 - ipa-client rpm should require keyutils

[3.0.0-44.el6]

• Release 3.0.0-44
• Resolves: #1201454 - ipa breaks sshd config

[3.0.0-43.el6]

• Release 3.0.0-43
• Resolves: #1191040 - ipa-client-automount: failing with error LDAP server returned UNWILLING_TO_PERFORM. This likely means that minssf is enabled.
• Resolves: #1185207 - ipa-client dont end new line character in /etc/nsswitch.conf
• Resolves: #1166241 - CVE-2010-5312 CVE-2012-6662 ipa: various flaws
• Resolves: #1161722 - IDM client registration failure in a high load environment
• Resolves: #1154687 - POODLE: force using safe ciphers (non-SSLv3) in IPA client and server
• Resolves: #1146870 - ipa-client-install fails with 'KerbTransport instance has no attribute '__conn'' traceback
• Resolves: #1132261 - ipa-client-install failing produces a traceback instead of useful error message
• Resolves: #1131571 - Do not allow IdM server/replica/client installation in a FIPS-140 mode
• Resolves: #1198160 - /usr/sbin/ipa-server-install --uninstall does not clean /var/lib/ipa/pki-ca
• Resolves: #1198339 - ipa-client-install adds extra sss to sudoers in nsswitch.conf
• Require: 389-ds-base >= 1.2.11.15-51
• Require: mod_nss >= 1.0.10
• Require: pki-ca >= 9.0.3-40
• Require: python-nss >= 0.16