-
sssd (1.15.2-1ubuntu1.1) zesty-security; urgency=medium
* SECURITY UPDATE: unsanitized input
- debian/patches/CVE-2017-12173.patch: sanitizes the input
for sysdb searches by UPN/email, SID and UUID in src/db/sysdb_ops.c
and add test src/tests/sysdb-tests.c.
- CVE-2017-12173
-- <email address hidden> (Leonidas S. Barbosa) Thu, 12 Oct 2017 10:50:29 -0300
-
sssd (1.15.2-1ubuntu1) zesty; urgency=medium
* Merge from Debian.
- new bugfix release
sssd (1.15.2-1) unstable; urgency=medium
* New upstream release.
* control: Demote adcli to sssd-ad suggests.
* rules, common.install: Fix sssd_krb5_locator_plugin install path.
(LP: #1664566)
* control, copyright, watch: Update upstream URLs.
* common.install: Add libsss_files and socket activation helper.
-- Timo Aaltonen <email address hidden> Thu, 06 Apr 2017 12:45:49 +0300
-
sssd (1.15.0-3ubuntu4) zesty; urgency=medium
* Rebuild against new samba/libldb. (LP: #1664785)
-- Timo Aaltonen <email address hidden> Sun, 05 Mar 2017 13:30:40 +0200
-
sssd (1.15.0-3ubuntu3) zesty; urgency=medium
* d/p/restart_providers_on_timeshift.patch: Use SIGUSR2 after watchdog
detects time shift to execute pending scheduled tasks that could
be stuck (LP: #1641875)
-- Victor Tapia <email address hidden> Wed, 15 Feb 2017 17:05:05 +0100
-
sssd (1.15.0-3ubuntu2) zesty; urgency=medium
* Demote sssd-ad Recommends to Suggests. This fixes a component mismatch in
Ubuntu, but also we believe in LP 1590471 that it shouldn't be required for
full functionality of sssd-ad anyway. This has also been done in Debian VCS
in commit d26fd6b.
-- Robie Basak <email address hidden> Thu, 09 Feb 2017 13:34:01 +0000
-
sssd (1.15.0-3ubuntu1) zesty; urgency=medium
* Build without the secrets service as libhttp-parser2.1 is in universe. An
MIR is pending in LP 1638957; when this is complete, we can revert this.
- Configure with --without-secrets.
- Drop build depends on libhttp-parser-dev and libjansson-dev. These are
only needed for the "secrets service".
- Remove secrets service -related files from d/sssd-common.install and in
d/rules.
-- Robie Basak <email address hidden> Tue, 07 Feb 2017 19:37:45 +0000
-
sssd (1.15.0-3) unstable; urgency=medium
* rules, install: Remove responder service and socket files for now, the
sockets weren't supposed to be enabled anyway and can cause issues.
(Closes: #854048)
-- Timo Aaltonen <email address hidden> Sat, 04 Feb 2017 18:34:06 +0200
-
sssd (1.15.0-2) unstable; urgency=medium
* import-daemon-opts.diff, sssd.default: Drop the patch modifying sssd
service file, and revert the daemon options for sysvinit.
/etc/default/sssd is now only for the initscript (Closes: #852719)
-- Timo Aaltonen <email address hidden> Thu, 26 Jan 2017 21:29:58 +0200
-
sssd (1.15.0-1) unstable; urgency=medium
* New upstream release. (Closes: #852450) (LP: #1566508)
* Drop upstreamed patches.
* sssd-common.sssd.default, import-daemon-opts.diff: Change default
daemon options to match current upstream.
* sssd-dbus.install: Drop libsss_config, which was removed.
* sssd-{ad,common,dbus}.install: Add systemd service and socket files
for pac, sudo, ssh, autofs, pam, nss and ifp responders.
-- Timo Aaltonen <email address hidden> Wed, 25 Jan 2017 22:46:02 +0200
-
sssd (1.14.2-2.1) unstable; urgency=low
* Non-maintainer upload with maintainer approval.
* ldap-blocking.diff: Fix ldaps connections by removing NON_BLOCKING from
socket options (Closes: 849756). Patch from upstream pull request #67.
-- Petter Reinholdtsen <email address hidden> Tue, 24 Jan 2017 22:26:17 +0000
-
sssd (1.14.2-2) unstable; urgency=medium
* fix-prefix-substitution.diff: Fix IFP service file path substitution.
(LP: #1652629)
-- Timo Aaltonen <email address hidden> Tue, 17 Jan 2017 16:39:14 +0200
-
sssd (1.14.2-1) unstable; urgency=medium
* New upstream release.
* control: Add adcli to sssd-ad Recommends. (LP: #1590471)
* accept-krb5-1.15.diff: Allow building PAC responder with MIT krb5
1.15. (Closes: #843385)
* common.install: Add sssd-secrets manpage.
-- Timo Aaltonen <email address hidden> Wed, 16 Nov 2016 10:47:15 +0200
-
sssd (1.14.1-1) unstable; urgency=medium
* New upstream release.
* ipa-terminate-if-view-name-fails.diff,
gpo-add-unity-to-ad-gpo-map-interactive.diff:
Dropped, upstream.
* sssd-common.dirs: Add etc/sssd/conf.d for config snippets.
* control: Add libhttp-parser-dev and libjansson-dev to build-deps.
* sssd-tools.install: Add sssctl.
* sssd-common.install: Add sssd-secrets and winbind idmap plugin.
* Drop the upstart job, it was only shipped on Ubuntu which has
switched to systemd.
* rules, default, import-daemon-opts.diff: Import daemon options from
default/sssd also with systemd. (LP: #1587395)
* rules: Don't install a default config file.
-- Timo Aaltonen <email address hidden> Wed, 05 Oct 2016 14:20:37 +0300
-
sssd (1.13.4-3) unstable; urgency=medium
* common: Add /var/lib/sss/gpo_cache. (LP: #1579092)
* gpo-add-unity-to-ad-gpo-map-interactive.diff: Allow logging in from
unity lockscreen. (LP: #1578415)
-- Timo Aaltonen <email address hidden> Tue, 10 May 2016 10:39:46 +0300
