An ipa security and bug fix update has been released for Oracle Linux 7.

El-errata: ELSA-2021-5195 Moderate: Oracle Linux 7 ipa security and bug fix update

Oracle Linux Security Advisory ELSA-2021-5195

  http://linux.oracle.com/errata/ELSA-2021-5195.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
ipa-client-4.6.8-5.0.1.el7_9.10.x86_64.rpm
ipa-client-common-4.6.8-5.0.1.el7_9.10.noarch.rpm
ipa-common-4.6.8-5.0.1.el7_9.10.noarch.rpm
ipa-python-compat-4.6.8-5.0.1.el7_9.10.noarch.rpm
ipa-server-4.6.8-5.0.1.el7_9.10.x86_64.rpm
ipa-server-common-4.6.8-5.0.1.el7_9.10.noarch.rpm
ipa-server-dns-4.6.8-5.0.1.el7_9.10.noarch.rpm
ipa-server-trust-ad-4.6.8-5.0.1.el7_9.10.x86_64.rpm
python2-ipaclient-4.6.8-5.0.1.el7_9.10.noarch.rpm
python2-ipalib-4.6.8-5.0.1.el7_9.10.noarch.rpm
python2-ipaserver-4.6.8-5.0.1.el7_9.10.noarch.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/ipa-4.6.8-5.0.1.el7_9.10.src.rpm

Related CVEs:

CVE-2020-25719



Description of changes:

[4.6.8-5.0.1]
- Blank out header-logo.png product-name.png
- Replace login-screen-logo.png [Orabug: 20362818]

[4.6.8-5.el7_9.10]
- Resolves: 2025848 - RHEL 8.6 IPA Replica Failed to configure PKINIT setup against a RHEL 7.9 IPA server
- Fix cert_request for KDC cert
- Resolves: 2021444 - CVE-2020-25719 ipa: samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets
- SMB: switch IPA domain controller role

_______________________________________________