diff --git a/sssd-1.12.4.tar.gz b/sssd-1.12.4.tar.gz deleted file mode 100644 index 4396546..0000000 --- a/sssd-1.12.4.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ea3be3a40b20284bd3126481dd0747cd07e39d5ef7ef7026d4902d96fc3e9edf -size 4226841 diff --git a/sssd-1.12.4.tar.gz.asc b/sssd-1.12.4.tar.gz.asc deleted file mode 100644 index cea6482..0000000 --- a/sssd-1.12.4.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlTk1dAACgkQHsardTLnvCWfnwCg4JrLxP6Jjm9GYlTAqQS5N5cb -ufYAniGjhC+1IBPQVJYiYiCkzjoYDpq3 -=XPd1 ------END PGP SIGNATURE----- diff --git a/sssd-1.12.5.tar.gz b/sssd-1.12.5.tar.gz new file mode 100644 index 0000000..edd0deb --- /dev/null +++ b/sssd-1.12.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:243d8db7c72ecb21aa9db8a09fe9f9b10049dbdb35a1cc2f55e214f21e3ce256 +size 4300869 diff --git a/sssd-1.12.5.tar.gz.asc b/sssd-1.12.5.tar.gz.asc new file mode 100644 index 0000000..7841619 --- /dev/null +++ b/sssd-1.12.5.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlV6uQEACgkQHsardTLnvCWZCwCdEWMU5ry/swLp5y/DGPXp6GkH +4U4AnjTVtz1Vj1R7hyzVKKL6uqsR6kdR +=dk0K +-----END PGP SIGNATURE----- diff --git a/sssd.changes b/sssd.changes index 0add0b0..1ff7aff 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Sun Jun 14 17:44:20 UTC 2015 - michael@stroeder.com + +- Update to new upstream release 1.12.5 +* The background refresh tasks now supports refreshing users and + groups as well. See the "refresh_expired_interval" parameter in + the sssd.conf manpage. +* A new option subdomain_inherit was added. +* When an expired account attempts to log in, a configurable + error message can be displayed with sufficient pam_verbosity + setting. See the "pam_account_expired_message" option. +* OpenLDAP ppolicy can be honored even when an alternate login + method (such as SSH key) is used. See the "ldap_access_order" + option. +* A new option :krb5_map_user" was added, allowing the admin to + map UNIX usernames to Kerberos principals. +* BUG FIXES: +* Fixed AD-specific bugs that resulted in the incorrect set of + groups being displayed after the initgroups operation. +* Fixes related to the IPA ID views feature. Setups using this + should update sssd on both IPA servers and clients. +* The AD provider now handles binary GUIDs correctly. +* A bug that prevented the `ignore_group_members` parameter to be + used with the AD provider was fixed. +* The failover code now reads and honors TTL value for SRV + queries as well. +* Race condition between setting the timeout in the back ends and + reading it in the front end during initgroup operation was + fixed. This bug affected applications that perform the + initgroups(3) operation in multiple processes simultaneously. +* Setups that only want to use the domain SSSD is connected to, + but not the autodiscovered trusted domains by setting + `subdomains_provider=none` now work correctly as long as the + domain SID is set manually in the config file. +* In case only "allow" rules are used, the simple access provider + is now able to skip unresolvable groups. +* The GPO access control code now handles situations where user + and computer objects were in different domains. + ------------------------------------------------------------------- Thu Feb 19 10:51:22 UTC 2015 - hguo@suse.com diff --git a/sssd.spec b/sssd.spec index ac3af7f..711e847 100644 --- a/sssd.spec +++ b/sssd.spec @@ -1,7 +1,7 @@ # # spec file for package sssd # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: sssd -Version: 1.12.4 +Version: 1.12.5 Release: 0 Summary: System Security Services Daemon License: GPL-3.0+ and LGPL-3.0+