[Freeipa-interest] FreeIPA 4.9.6 released
Alexander Bokovoy
abokovoy at redhat.com
Tue Jun 29 15:44:03 UTC 2021
The FreeIPA team would like to announce FreeIPA 4.9.6 release!
It can be downloaded from http://www.freeipa.org/page/Downloads. Builds
for Fedora distributions will be available from the official repository
soon.
== Highlights in 4.9.6
* 8402: [RFE] ipa-client-install forces nsupdate to bind with gssapi
Invoke nsupdate without authentication if the GSS-TSIG attempt fails
at install time ; configure SSSD to use nsupdate without GSS-TSIG in
this case.
=== Enhancements
=== Known Issues
* FreeIPA 4.9.4 contains a new LDAP caching layer that might incorrectly
return data in certain cases. This is known to affect ansible-freeipa
operations with automember rules. FreeIPA 4.9.6 addresses this issue.
=== Bug fixes
FreeIPA 4.9.6 is a stabilization release for the features delivered as a
part of 4.9.0 version series.
There are more than 10 bug-fixes since FreeIPA 4.9.5 release. Details of
the bug-fixes can be seen in the list of resolved tickets below.
== Upgrading
Upgrade instructions are available on Upgrade page.
== Feedback
Please provide comments, bugs and other feedback via the freeipa-users
mailing list
(https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/)
or #freeipa channel on Freenode.
== Resolved tickets
* https://pagure.io/freeipa/issue/7752[#7752] ipa client throws http.client.ResponseNotReady error
* https://pagure.io/freeipa/issue/8402[#8402] (https://bugzilla.redhat.com/show_bug.cgi?id=1854557[rhbz#1854557])
[RFE] ipa-client-install forces nsupdate to bind with gssapi
* https://pagure.io/freeipa/issue/8532[#8532] (https://bugzilla.redhat.com/show_bug.cgi?id=1886837[rhbz#1886837])
Revise PKINIT upgrade code
* https://pagure.io/freeipa/issue/8726[#8726] Provide a better error message with updatedns and FQDN Is not provided
* https://pagure.io/freeipa/issue/8754[#8754] (https://bugzilla.redhat.com/show_bug.cgi?id=1919384[rhbz#1919384])
Certificate Serial Number issue
* https://pagure.io/freeipa/issue/8817[#8817] Running ipa-server-certinstall with v1 certificate fails with Attempted "__iter__" operation on ASN.1 schema object
* https://pagure.io/freeipa/issue/8880[#8880] (https://bugzilla.redhat.com/show_bug.cgi?id=1973023[rhbz#1973023])
CA_less ipa-server-install fails if CA cert subject contains non ascii chars
* https://pagure.io/freeipa/issue/8882[#8882] Directly integrate custodia
* https://pagure.io/freeipa/issue/8884[#8884] (https://bugzilla.redhat.com/show_bug.cgi?id=1967325[rhbz#1967325])
API returns the misleading error "Insufficient Access" if run as non-admin
* https://pagure.io/freeipa/issue/8885[#8885] (https://bugzilla.redhat.com/show_bug.cgi?id=1975139[rhbz#1975139])
Upgrade error: Add failure missing required attribute "objectclass"
* https://pagure.io/freeipa/issue/8889[#8889] [tests] healthcheck 0.9
* https://pagure.io/freeipa/issue/8897[#8897] (https://bugzilla.redhat.com/show_bug.cgi?id=1976286[rhbz#1976286])
ansible-freeipa automember test fails with `automember_add_condition: testgroup: 'objectclass'` due to ldap cache
* https://pagure.io/freeipa/issue/8898[#8898] plugin `plugins` doesn't work
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
More information about the Freeipa-interest
mailing list