The FreeIPA team would like to announce FreeIPA 4.10.0 release!
It can be downloaded from http://www.freeipa.org/page/Downloads. Builds for Fedora distributions will be available from the official repository soon.
Highlights in 4.10.0#
2016: [RFE] Support random serial numbers in IPA certificates
RSN can be enabled in new server installations.
7404: Incorrect certs are being updated with “ipa-certupdate”
ipa-cacert-manage command now supports the “prune” subcommand, that allows to remove the expired CA certificates.
Bug fixes#
FreeIPA 4.10.0 is a stabilization release for the features delivered as a part of 4.10 version series.
There are 7 bug-fixes since FreeIPA 4.9.10 release. Details of the bug-fixes can be seen in the list of resolved tickets below.
Upgrading#
Upgrade instructions are available on Upgrade page.
Feedback#
Please provide comments, bugs and other feedback via the freeipa-users mailing list (https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorahosted.org/) or #freeipa channel on libera.chat.
Resolved tickets#
#2016 [RFE] Support random serial numbers in IPA certificates
#2278 IPA needs better sudo option validation or better documentation
#7404 Incorrect certs are being updated with “ipa-certupdate”
#8544 After reboot: Replication bind with GSSAPI auth failed
#8684 [WebUI] test_hostgroup::test_names_and_button - timeout reached
#9035 Nightly failure (rawhide) in test_installation_client.py::TestInstallClient
#9105 Review usage of quiet flag in ipa-join
Detailed changelog since 4.9.10#
Rob Crittenden (9)#
Fix test_secure_ajp_connector.py failing with Python 3.6.8 commit
Add a new parameter type, SerialNumber, as a subclass of Str commit #2016
doc/designs: add Random Serial Numbers v3 support commit #2016
Design for IPA-to-IPA migration commit
Re-work the quiet option in ipa-join to not suppress errors commit #9105
Improve sudooption docs, make the option multi-value commit #2278
Design doc to allow LDAP bind using the RADIUS auth type commit
Matthew Davis (1)#
Add missing parameter to Suse modify_nsswitch_pam_stack commit
Anuja More (3)#
Timo Aaltonen (2)#
Michal Polovka (5)#
ipatests: Healthcheck use subject base from IPA not REALM commit
ipatests: Increase expect timeout for interactive mode commit
ipatests: Healthcheck should ignore pki errors when CA is not configured commit
test_webui: test_hostgroup: Wait for modal dialog to appear commit #8684
WebUI: Test if links are opened in new tab correctly commit
Florence Blanc-Renaud (9)#
xmlrpc tests: updated expected output for preserved user commit
Preserve user: fix the confusing summary commit
ipatests: update packages in rawhide test test_installation_client.py commit #9035
ipatests: revert wrong commit on gating definition commit
Design: Integrate SID configuration into base IPA installers commit
Doc: add a design template commit
ipatests: add test_acme.py in nightly previous commit
ipatests: fix incomplete nightly def in nightly_previous commit
ipatests: fix discrepancies in nightly defs commit
Armando Neto (8)#
ipatests: update prci template commit
ipatests: update definitions for custom COPR nightlies commit
ipatests: bump PR-CI rawhide template commit
ipatests: bump rawhide template for PR-CI commit
ipatests: Bump PR-CI rawhide template commit
ipatests: Bump PR-CI Rawhide template commit
ipatests: Update gating to Fedora 33 commit
ipatests: update PR-CI templates to Fedora 33 commit
Alexander Bokovoy (3)#
Mohammad Rizwan (1)#
ipatest: Test ipa-cert-fix fails when startup directive is missing from CS.cfg commit
Christian Heimes (2)#
François Cami (1)#
ipatests: fix nightly_latest_testing_selinux template commit