SUSE Package Hub - openSUSE-2024-45

Update Info

openSUSE-2024-45

Recommended update for kanidm

Type: recommended
Severity: moderate
Issued: 2024-02-10
Description:
This update for kanidm fixes the following issues:

- Update to version 1.1.0~rc16~git1.a917291:
  * Correct cargo versions
  * Release 1.1.0-rc.16 (#2483)
  * Fix for incorrect domain migration rollbacks (#2482)
  * Add tools for remigration and domain level raising (#2481)
  * chore(deps): bump cryptography from 41.0.6 to 42.0.0 in /pykanidm (#2480)
  * Support SPN in groups claim (#2474)
  * Credential update tweaks (#2475)
  * Oauth2 pkce faq (#2473)
  * Fix debian versioning (#2472)
  * chore(deps): bump the all group in /pykanidm with 7 updates (#2479)
  * chore(deps): bump the all group with 1 update (#2478)
  * Fix RUV trim (#2466)
  * 20240125 2217 client credentials grant (#2456)
  * docs: Add application passwords design document (#2427)
  * handling master docs (#2465)
  * update the artifact name in the download step (#2464)
  * Book SUMMARY.md: Fix part titles according to mdbook (#2463)
  * Update chat link, add keywords (#2462)
  * PyKanidm updates and testing (#2301)
  * chore(deps): bump aiohttp from 3.9.1 to 3.9.2 in /pykanidm (#2461)
  * 1222 what rights does anonymous have (#2436)
  * Fix inverted key/chain logic from TLS error improvement (#2453)
  * Improve TLS configuration errors (#2447)
  * chore(deps): bump shlex from 1.2.0 to 1.3.0 (#2445)
  * chore(deps): bump the all group with 1 update (#2441)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2443)
  * Return sshkey label to cli fields (#2440)
  * Add rfc8414 metadata (#2434)
  * Add test for delete referer invalid (#2435)
  * Clarify role of WebUI in README.md (#2431)
  * Adding max_ber_size option in config for ldap sync (#2416)
  * Debian build fixes (also the book) (#2400)
  * 2390 1980 allow native applications (#2428)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2430)
  * cookies (#2426)
  * Clean RUV (#2424)
  * chore(deps-dev): bump jinja2 from 3.1.2 to 3.1.3 in /pykanidm (#2425)
  * Upgrade replication to use anchors (#2423)
  * Minor fixes for oidc with single page applications (#2420)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2421)
  * Use case insensitive match on substrings in line with ldap (#2419)
  * Change OAuth2 RS Origin from the CLI (#2418)
  * Add design diagrams (#2332)
  * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2410)
  * Fix deb release flow to find the matrix split artifacts (#2406)
  * 20231222 piv authentication (#2398)
  * Update docs, closes SQLite Write-Ahead Logging might make page size immutable #2404 (#2405)
  * Build the kanidm cli tools deb as well (#2402)
  * Force apply idm migrations to apply access controls (#2401)
  * fixing up the integration script (#2392)
  * chore(deps): bump the all group in /pykanidm with 8 updates (#2396)
  * chore(deps): bump the all group with 2 updates (#2395)
  * fix backup filename and regexp pattern for cleanup (#2386)
  * idprovider: Provide the keystore during auth (#2385)
  * db: Fix insert_tagged_hsm_key doesn't cache the hsm key (#2389)
  * daemon: Fix inverted logic on cache dir check (#2388)
  * Add improved domain migration framework and default MFA (#2382)
  * Trim and lowecase usernames (#2380)
  * Add DN as a virtual ldap attr (#2379)
  * fixing default for oauth2 request_parameter_supported metadata (#2378)
  * chore(deps): bump the all group in /pykanidm with 6 updates (#2375)
  * 20231218 ipa sync unix password (#2374)
  * chore(deps): bump the all group with 2 updates (#2372)
  * 1481 2024 access control rework (#2366)
  * chore(deps): bump zerocopy from 0.7.26 to 0.7.31 (#2368)
  * chore(deps): bump the all group with 3 updates (#2363)
  * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2362)
  * 249 2024 managed by syntax (#2359)
  * typo (#2356)
  * 20231204 ipa sync minor improvements (#2357)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2355)
  * Unixd build/debugging updates (#2350)
  * 20231129 webauthn attestation (#2351)
  * Fix handling of TPM in some trait contexts (#2347)
  * docs: miniflux added pkce support (#2352)
  * Using proper axum http headers lib for compatibility (#2348)
  * Bearer should send with same caps we accept (#2345)
  * chore(deps): bump cryptography from 41.0.4 to 41.0.6 in /pykanidm (#2341)
  * docs: improve grammar for book/src/developers/faq.md (#2343)
  * Expose machine key in auth phase (#2340)
  * 20231128 freeipa migration (#2338)
  * Unix crossbuild scripts and docs (#2326)
  * Expose TPM in more interface places (#2334)
  * chore(deps): bump the all group in /pykanidm with 6 updates (#2336)
  * Adding kanidm client config docs and notes ref #2248 (#2333)
  * Update to the latest compact-jwt version (#2331)
  * Adding env var configs for the server (#2329)
  * Better errors when TPM PIN file not found (#2330)
  * 20231120 2320 sssd compat (#2328)
  * Resolve future send issue with keystore (#2311)
  * chore(deps): bump the all group in /pykanidm with 6 updates (#2325)
  * chore(deps): bump the all group with 3 updates (#2324)
  * Add test (#2323)
  * OAuth2 scopes validation logging missing details (#2317)
  * Add systemd deps for unixd (#2314)
  * 20231115 oauth2 authreq (#2310)
  * Docs - Bump Fedora 36 to Fedora 38 (#2309)
  * chore(deps): bump the all group with 4 updates (#2306)
  * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2305)
  * Remove serde json from wasm (#2304)
  * Fix spelling (#2303)
  * 20231109 1122 credential class (#2300)
  * Moving daemon tracing to OpenTelemetry (#2292)
  * 20231101 add id cert to unixint (#2284)
  * Docs fixes for #2296 (#2297)
  * Update OpenAPI schema gen to actually... be kinda sorta valid. (#2296)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2294)
  * chore(deps): bump the all group with 8 updates (#2293)
  * pw min length in account policy (#2289)
  * WASM troubleshooting docs closes #2286 (#2291)
  * oauth2 typo (#2290)
  * Update notes to avoid some possible interpretation errors (#2288)
  * Feature: kanidm CLI pulling OpenAPI schema (#2285)
  * Feature: configurable replication poll interval (#2283)
  * Minor improvements to incoming replication (#2279)
  * Problems with bash completion autocomplete (#2281)
  * Remove unused imports and clippy lint (#2276)
  * Rework ldap bind routine (#2268)
  * Disable inconsistent test (#2278)
  * make versions consistent
  * 1.1.0 rc.15 dev post-release (#2271)

- Update to version 1.1.0~rc15~git8.122b6af:
  * Remove unused import that breaks builds on newer rust versions
  * Update to latest webauthn-rs version
  * fix version
  * Fix maint branch versions
  * Disable inconsistent test (#2278)
References

No references
Packages

kanidm-1.1.0~rc16~git1.a917291-bp155.5.1