[El-errata] ELSA-2020-0378 Important: Oracle Linux 7 ipa security and bug fix update (aarch64)

[Errata Announcements for Oracle Linux]

Oracle Linux Security Advisory ELSA-2020-0378

http://linux.oracle.com/errata/ELSA-2020-0378.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

aarch64:
ipa-client-4.6.5-11.0.1.el7_7.4.aarch64.rpm
ipa-client-common-4.6.5-11.0.1.el7_7.4.noarch.rpm
ipa-common-4.6.5-11.0.1.el7_7.4.noarch.rpm
ipa-python-compat-4.6.5-11.0.1.el7_7.4.noarch.rpm
ipa-server-4.6.5-11.0.1.el7_7.4.aarch64.rpm
ipa-server-common-4.6.5-11.0.1.el7_7.4.noarch.rpm
ipa-server-dns-4.6.5-11.0.1.el7_7.4.noarch.rpm
ipa-server-trust-ad-4.6.5-11.0.1.el7_7.4.aarch64.rpm
python2-ipaclient-4.6.5-11.0.1.el7_7.4.noarch.rpm
python2-ipalib-4.6.5-11.0.1.el7_7.4.noarch.rpm
python2-ipaserver-4.6.5-11.0.1.el7_7.4.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.6.5-11.0.1.el7_7.4.src.rpm



Description of changes:

[4.6.5-11.0.1]
- Blank out header-logo.png product-name.png
- Replace login-screen-logo.png [Orabug: 20362818]

[4.6.5-11.el7_7.4]
- Resolves: #1781153 - After upgrade AD Trust Agents were removed from LDAP
- trust upgrade: ensure that host is member of adtrust agents
- Resolves: #1777303 - CVE-2019-10195 ipa: batch API logging user 
passwords to /var/log/httpd/error_log
- CVE-2019-10195: Don't log passwords embedded in commands in calls 
using batch
- Resolves: #1773953 - User incorrectly added to negative cache when 
backend is reconnecting to IPA service / timed out: error code 32 'No 
such object'
- extdom: unify error code handling especially LDAP_NO_SUCH_OBJECT
- ipa-extdom-extop: test timed out getgrgid_r
- Resolves: #1770728 - Issue with adding multiple RHEL 7 IPA replica to 
RHEL 6 IPA master
- DL0 replica install: fix nsDS5ReplicaBindDN config
- Resolves: #1767300 - CVE-2019-14867 ipa: Denial of service in IPA 
server due to wrong use of ber_scanf()
- Make sure to have storage space for tag