summaryrefslogtreecommitdiffstats
path: root/freeipa.spec.in
diff options
context:
space:
mode:
authorMartin Kosek <mkosek@redhat.com>2013-04-02 16:25:46 +0200
committerMartin Kosek <mkosek@redhat.com>2013-04-02 17:00:17 +0200
commitf1e2465520becf6033dee4716f6cf4e51965bb62 (patch)
tree5e0fb5c0622bad4cedef6ac17a0a52df51cf58f2 /freeipa.spec.in
parentff01a08ffc85c069f37692ad8307bf10e8bd1e29 (diff)
downloadfreeipa-f1e2465520becf6033dee4716f6cf4e51965bb62.tar.gz
freeipa-f1e2465520becf6033dee4716f6cf4e51965bb62.tar.xz
freeipa-f1e2465520becf6033dee4716f6cf4e51965bb62.zip
Require 389-base-base 1.3.0.5
Pulls the following fixes: - upgrade deadlock caused by DNA plugin reconfiguration - CVE-2013-1897: unintended information exposure when rootdse is enabled https://fedorahosted.org/freeipa/ticket/3540
Diffstat (limited to 'freeipa.spec.in')
-rw-r--r--freeipa.spec.in9
1 files changed, 8 insertions, 1 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 665a6d720..5e844534d 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -88,7 +88,7 @@ Requires: %{name}-python = %{version}-%{release}
Requires: %{name}-client = %{version}-%{release}
Requires: %{name}-admintools = %{version}-%{release}
Requires: %{name}-server-selinux = %{version}-%{release}
-Requires: 389-ds-base >= 1.3.0
+Requires: 389-ds-base >= 1.3.0.5
Requires: openldap-clients
Requires: nss
Requires: nss-tools
@@ -139,6 +139,7 @@ Requires: zip
Requires: policycoreutils >= %{POLICYCOREUTILSVER}
Requires: tar
Requires(pre): certmonger >= 0.65
+Requires(pre): 389-ds-base >= 1.3.0.5
# We have a soft-requires on bind. It is an optional part of
# IPA but if it is configured we need a way to require versions
@@ -782,6 +783,12 @@ fi
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
%changelog
+* Tue Apr 2 2013 Martin Kosek <mkosek@redhat.com> - 3.1.99-2
+- Require 389-base-base >= 1.3.0.5 to pull the following fixes:
+ - upgrade deadlock caused by DNA plugin reconfiguration
+ - CVE-2013-1897: unintended information exposure when
+ nsslapd-allow-anonymous-access is set to rootdse
+
* Wed Mar 27 2013 Martin Kosek <mkosek@redhat.com> - 3.1.99-2
- Remove conflict with krb5-server > 1.11 as ipa-kdb is compatible
- ipa-ldap-updater show produce errors only