[Freeipa-interest] Announcing SSSD 1.8.1

Stephen Gallagher sgallagh at redhat.com
Mon Mar 12 21:26:46 UTC 2012 

The SSSD team is proud to announce the bugfix release of the System
Security Services Daemon version 1.8.1

As usual, the source can be downloaded at https://fedorahosted.org/sssd

Packages for Fedora will be built later today and should appear in
updates-testing within two days.

== Highlights ==
 * Resolve issue where we could enter an infinite loop trying to connect
to an auth server
 * Fix serious issue with complex (3+ levels) nested groups
 * Fix netgroup support for case-insensitivity and aliases
 * Fix serious issue with lookup bundling resulting in requests never
completing
 * IPA provider will now check the value of nsAccountLock during
pam_acct_mgmt in addition to pam_authenticate
 * Fix several regressions in the proxy provider

== Detailed Changelog ==
Jakub Hrozek (12):
 * Use proper errno code
 * Only do one cycle when resolving a server
 * krb5_child: set debugging sooner
 * Search netgroups by alias, too
 * Detect cycle in the fail over on subsequent resolve requests only
 * Autofs: operate on contents of double-pointer, not address
 * Only free returned values on success
 * Save original name into the in-memory cache
 * Handle errors from lookup_netgr_step gracefully
 * Fix nested groups processing
 * Fix netgroup error handling
 * Handle empty elements in proxy netgroups:

Jan Cholasta (1):
 * Include missing source files to the list of source files which
contain translatable strings

Jan Zeleny (5):
 * Fix the script path
 * Fixed uninitialized pointer in SSH known host proxy
 * Fixed uninitialized pointer in SSH authorized keys client
 * Add umask before mkstemp() call in SSH responder
 * Fixed resource leak in ssh client code

Pavel Březina (6):
 * Hide --debug option in sss_debuglevel
 * Two memory leaks in sss_sudo_get_values
 * Missing debug message if sdap_sudo_refresh_set_timer fails
 * Use of unininitialized value in sudosrv_cache_set_entry and
sudosrv_cache_lookup_internal
 * Use of unininitialized value in sss_sudo_parse_response
 * Potential NULL-dereference in sudosrv_cmd_get_sudorules

Simo Sorce (1):
 * Use the correct hash table for pending requests

Stephen Gallagher (20):
 * Bump version to 1.8.1
 * Fix typo in autofs option description
 * Include the debug_level upgrade tool in the tarball
 * Include new manpages in translations
 * Updating translations for SSSD 1.8.1
 * Fix typo in script name
 * Handle cases where UID is -1
 * IPA: Set the DNS discovery domain to match ipa_domain
 * IPA: Fix segfault with srchost functionality enabled
 * DP: Reorganize memory hierarchy of requests
 * Prune python provides correctly
 * Make RPM spec more explicit
 * Build experimental features by default in RPMs
 * Properly terminate GIT_CHECKOUT
 * LDAP: Make sdap_access_send/recv public
 * IPA: Check nsAccountLock during PAM_ACCT_MGMT
 * PROXY: Create fake user entries for group lookups
 * SSH: Fix missing semicolon
 * IPA: Initialize hbac_ctx to NULL
 * i18n: Remove empty translations

Yuri Chornoivan (1):
 * fix typos in manual

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-interest/attachments/20120312/dd9312c8/attachment.sig>

More information about the Freeipa-interest mailing list