[El-errata] ELSA-2017-0001 Moderate: Oracle Linux 7 ipa security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Jan 3 00:02:35 PST 2017
Oracle Linux Security Advisory ELSA-2017-0001
http://linux.oracle.com/errata/ELSA-2017-0001.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
ipa-admintools-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
ipa-client-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm
ipa-client-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
ipa-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
ipa-python-compat-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
ipa-server-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm
ipa-server-common-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
ipa-server-dns-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
ipa-server-trust-ad-4.4.0-14.0.1.el7_3.1.1.x86_64.rpm
python2-ipaclient-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
python2-ipalib-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
python2-ipaserver-4.4.0-14.0.1.el7_3.1.1.noarch.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.4.0-14.0.1.el7_3.1.1.src.rpm
Description of changes:
[4.4.0-14.0.1.el7_3.1.1]
- Blank out header-logo.png product-name.png
Replace login-screen-logo.png [20362818]
[4.4.0-14.1.1]
- Resolves: #1370493 CVE-2016-7030 ipa: DoS attack against kerberized
services
by abusing password policy
- ipa-kdb: search for password policies globally
- Renamed patches 1011 and 1012 to 0146 and 0145, as they were merged
upstream
[4.4.0-14.1]
- Resolves: #1370493 CVE-2016-7030 ipa: DoS attack against kerberized
services
by abusing password policy
- password policy: Add explicit default password policy for hosts and
services
- Resolves: #1395311 CVE-2016-9575 ipa: Insufficient permission check in
certprofile-mod
- certprofile-mod: correctly authorise config update
More information about the El-errata
mailing list