== Highlights == The SSSD team is proud to announce a Release Candidate of version 1.9 of the System Security Services Daemon.
This is a bugfix release only, no new features were added in this version. We will be focusing on more stabilizing after that point until the final 1.9.0 release which is tentatively scheduled for September 21. We might be releasing another Release Candidate before the final release if needed.
As always, you can download the latest sources at https://fedorahosted.org/sssd/
== Tickets Fixed ==
https://fedorahosted.org/sssd/ticket/1331 Off-by-one error in sss_hmac_sha1 https://fedorahosted.org/sssd/ticket/1364 [abrt] sssd-1.8.3-11.fc16: set_server_common_status: Process /usr/libexec/sssd/sssd_be was killed by signal 11 (SIGSEGV) https://fedorahosted.org/sssd/ticket/1438 SSSD crashes at boot time https://fedorahosted.org/sssd/ticket/1452 Authentication fails if kpasswd cannot be resolved https://fedorahosted.org/sssd/ticket/1454 if allocation fails, sss_mmap_cache_init may dereference NULL pointer https://fedorahosted.org/sssd/ticket/1458 Full sudo refresh is scheduled even if there is no sudo responder https://fedorahosted.org/sssd/ticket/1466 Proxy: Cannot retrieve an user after a group he is a member of was retrieved https://fedorahosted.org/sssd/ticket/1467 enumeration is broken in the proxy provider https://fedorahosted.org/sssd/ticket/1479 Hbac logs show wrong rule name granting access https://fedorahosted.org/sssd/ticket/1486 [abrt] sssd-1.8.4-14.fc17: sss_ldap_init_send: Process /usr/libexec/sssd/sssd_be was killed by signal 11 (SIGSEGV) https://fedorahosted.org/sssd/ticket/1496 [abrt] sssd-1.8.4-14.fc17: ldap_pvt_sasl_getmechs: Process /usr/libexec/sssd/sssd_be was killed by signal 11 (SIGSEGV) https://fedorahosted.org/sssd/ticket/1505 sudo with sss backend should use ipa_hostname https://fedorahosted.org/sssd/ticket/1509 libsss_sudo is not updated when yum update sssd is called https://fedorahosted.org/sssd/ticket/1513 Change the processing of the SELinux default map https://fedorahosted.org/sssd/ticket/1515 pam_sss report System Error on wrong password https://fedorahosted.org/sssd/ticket/1516 krb5_mod_ccname should cancel the transaction at one place only https://fedorahosted.org/sssd/ticket/1519 membership of IPA hostgroups is not evaluated when treating them as netgroups
== Detailed Changelog ==
Jakub Hrozek (12): * Bumping version for the 1.9.0 beta 7 release * libsss_sudo should have a versioned dependency on SSSD * KRB5: cancel the sysdb transaction on one place only * KRB5: Return PAM_AUTH_ERR on incorrect password * RPM: BuildRequire? selinux-policy-targeted * SYSDB: NULL-terminate the output of sysdb_get_{ranges,subdomains} * KRB5: Add a missing string argument * NSS: Fix off-by-one error in parse_getservbyname * FO: Check server validity before setting status * DB: Always write the SELinux object to sysdb * SELinux: Always use the default if it exists on the server * Updating the translations for the 1.9.0 RC1 release
Ondrej Kos (1): * Out-of-bounds read fix in hmac-sha-1
Pavel Březina (3): * netgroup: resolve hostgroup membership correctly * be_process_init(): free ctx on error * backend: initialize sudo only when it is enabled in services
Simo Sorce (1): * Remove obsolete comment
sssd-users@lists.fedorahosted.org