[El-errata] ELSA-2017-0388 Moderate: Oracle Linux 7 ipa security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Mar 2 18:41:17 PST 2017


Oracle Linux Security Advisory ELSA-2017-0388

http://linux.oracle.com/errata/ELSA-2017-0388.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
ipa-admintools-4.4.0-14.0.1.el7_3.6.noarch.rpm
ipa-client-4.4.0-14.0.1.el7_3.6.x86_64.rpm
ipa-client-common-4.4.0-14.0.1.el7_3.6.noarch.rpm
ipa-common-4.4.0-14.0.1.el7_3.6.noarch.rpm
ipa-python-compat-4.4.0-14.0.1.el7_3.6.noarch.rpm
ipa-server-4.4.0-14.0.1.el7_3.6.x86_64.rpm
ipa-server-common-4.4.0-14.0.1.el7_3.6.noarch.rpm
ipa-server-dns-4.4.0-14.0.1.el7_3.6.noarch.rpm
ipa-server-trust-ad-4.4.0-14.0.1.el7_3.6.x86_64.rpm
python2-ipaclient-4.4.0-14.0.1.el7_3.6.noarch.rpm
python2-ipalib-4.4.0-14.0.1.el7_3.6.noarch.rpm
python2-ipaserver-4.4.0-14.0.1.el7_3.6.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.4.0-14.0.1.el7_3.6.src.rpm



Description of changes:

[4.4.0-14.0.1.el7_3.6]
- Blank out header-logo.png product-name.png
   Replace login-screen-logo.png [20362818]

[4.4.0-14.6]
- Resolves: #1416488 replication race condition prevents IPA to install
   - wait_for_entry: use only DN as parameter
   - Wait until HTTPS principal entry is replicated to replica
   - Use proper logging for error messages

[4.4.0-14.5]
- Resolves: #1410760 ipa-ca-install fails on replica when IPA Master is
   installed without CA
   - Set up DS TLS on replica in CA-less topology
- Resolves: #1413137 CVE-2017-2590 ipa: Insufficient permission check for
   ca-del, ca-disable and ca-enable commands
   - ca: correctly authorise ca-del, ca-enable and ca-disable
- Resolves: #1416481 IPA replica install fails with dirsrv errors.
   - Do not configure PKI ajp redirection to use "::1"





More information about the El-errata mailing list