[El-errata] ELBA-2016-0211 Oracle Linux 7 ipa bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Feb 16 15:46:55 PST 2016
Oracle Linux Bug Fix Advisory ELBA-2016-0211
http://linux.oracle.com/errata/ELBA-2016-0211.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
ipa-admintools-4.2.0-15.0.1.el7_2.6.x86_64.rpm
ipa-client-4.2.0-15.0.1.el7_2.6.x86_64.rpm
ipa-python-4.2.0-15.0.1.el7_2.6.x86_64.rpm
ipa-server-4.2.0-15.0.1.el7_2.6.x86_64.rpm
ipa-server-dns-4.2.0-15.0.1.el7_2.6.x86_64.rpm
ipa-server-trust-ad-4.2.0-15.0.1.el7_2.6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.2.0-15.0.1.el7_2.6.src.rpm
Description of changes:
[4.2.0-15.0.1.6]
- Drop redhat-access-plugin-ipa requires for OL7
Blank out header-logo.png product-name.png
Replace login-screen-logo.png [20362818]
[4.2.0-15.6]
- Resolves: #1298103 ipa-server-upgrade fails if certmonger is not running
- always start certmonger during IPA server configuration upgrade
[4.2.0-15.5]
- Resolves: #1298097 IPA server upgrade fails from RHEL 7.0 to RHEL 7.2
using
"yum update ipa* sssd"
- Set minimal required version for openssl
[4.2.0-15.4]
- Resolves: #1298097 IPA server upgrade fails from RHEL 7.0 to RHEL 7.2
using
"yum update ipa* sssd"
- Set minimal required version for openssl
- Resolves: #1298098 ipa-nis-manage does not update ldap with all NIS maps
- Upgrade: Fix upgrade of NIS Server configuration
- Resolves: #1298099 umask setting causes named-pkcs11 issue with directory
permissions on /var/lib/ipa/dnssec
- DNS: fix file permissions
- Explicitly call chmod on newly created directories
- Fix: replace mkdir with chmod
- Resolves: #1298100 Broken 7.2.0 to 7.2.z upgrade - flawed version
comparison
- Fix version comparison
- use FFI call to rpmvercmp function for version comparison
- Resolves: #1298101 Sysrestore did not restore state if a key is
specified in
mixed case
- Allow to used mixed case for sysrestore
- Resolves: #1298102 DNSSEC key purging is not handled properly
- DNSSEC: Improve error reporting from ipa-ods-exporter
- DNSSEC: Make sure that current state in OpenDNSSEC matches key state in
LDAP
- DNSSEC: Make sure that current key state in LDAP matches key state
in BIND
- DNSSEC: remove obsolete TODO note
- DNSSEC: add debug mode to ldapkeydb.py
- DNSSEC: logging improvements in ipa-ods-exporter
- DNSSEC: remove keys purged by OpenDNSSEC from master HSM from LDAP
- DNSSEC: ipa-dnskeysyncd: Skip zones with old DNSSEC metadata in LDAP
- DNSSEC: ipa-ods-exporter: add ldap-cleanup command
- DNSSEC: ipa-dnskeysyncd: call ods-signer ldap-cleanup on zone removal
- DNSSEC: Log debug messages at log level DEBUG
- Resolves: #1298103 ipa-server-upgrade fails if certmonger is not running
- prevent crash of CA-less server upgrade due to absent certmonger
- Resolves: #1298104 The ipa -e skip_version_check=1 still issues
incompatibility error when called against RHEL 6 server
- ipalib: assume version 2.0 when skip_version_check is enabled
More information about the El-errata
mailing list