From f5d8b9bca46d1961c1cdf06a89a0a562ad1d5990 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Dec 18 2009 23:53:16 +0000 Subject: == Highlights == One serious security issue was resolved related to the kerberos provider. Users who authenticate against Kerberos and have cached credentials could log in with a zero-length password The network exposure of this bug was limited, as users logged in this way would not have valid network credentials (by lucky accident). This issue was present only in the 0.99.x preview releases and not in any of the stable releases (0.7.1 and earlier) Stability fixes since the 0.99.1 preview release Added or updated several translations Fixed long-standing "I have no name!" issue with X-based terminals SSSD now passes "make distcheck" cleanly SSSD PAM now conforms better to standards regarding PAM_PRELIM_CHECK == Detailed Changelog == Göran Uddeborg (2): Update SV translation Update SV translation Marina Latini (1): Update IT translation Martin Nagy (2): Don't consider one address with different port numbers as the same Change the first server pick logic Sergei V. Kovylov (1): sssd.spec for SLES Simo Sorce (2): Fix upgrade bug #323 Fix ldap child memory hierarchy and other issues Stephen Gallagher (14): Properly close STDERR when daemonizing Fix tight loop in monitor Don't set explicit default for "timeout" in domains Fix warning in server.c Raise DEBUG level of sdap_get_generic_done() Change default for enumeration to TRUE Fix tight-loop in monitor part 2 Properly handle EINTR from poll() Updating ES translation Add DEBUG messages to getpwnam_callback and getpwuid_callback Clarify access_provider manpage entry Do not blindly accept zero-length passwords Fix broken password changes for local users Release SSSD 1.0 Sumit Bose (9): Use sys.exit instead of exit Check for minimal version of check Build python modules in builddir Use --with-ldb-lib-dir while running make distcheck Cleanup db files after test run disable password migration code Handle chauthtok with PAM_PRELIM_CHECK separately Do not overwrite valid TGTs when offline Fix for #345 --- diff --git a/.cvsignore b/.cvsignore index a16fa1c..77325be 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -sssd-0.99.1.tar.gz +sssd-1.0.0.tar.gz diff --git a/sources b/sources index bff3e6f..312d573 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -00468f7fe1b75e53cc3c1027f2a92902 sssd-0.99.1.tar.gz +b4a21cd65157e775dd5843d6a7ded10d sssd-1.0.0.tar.gz diff --git a/sssd.spec b/sssd.spec index 6c586d7..be85ccf 100644 --- a/sssd.spec +++ b/sssd.spec @@ -2,7 +2,7 @@ %{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")} Name: sssd -Version: 0.99.1 +Version: 1.0.0 Release: 1%{?dist} Group: Applications/System Summary: System Security Services Daemon @@ -205,6 +205,9 @@ fi %postun client -p /sbin/ldconfig %changelog +* Fri Dec 18 2009 Stephen Gallagher - 1.0.0-1 +- New upstream stable release 1.0.0 + * Fri Dec 11 2009 Stephen Gallagher - 0.99.1-1 - New upstream bugfix release 0.99.1