From ecfaa46d12bfa139e114162808e7e8592e5c53cd Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@paris.CS.Princeton.EDU>
Date: Wed, 24 Aug 2011 15:51:24 -0400
Subject: [PATCH] Setting tag sfa-1.0-33

---
 sfa.spec | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sfa.spec b/sfa.spec
index c09b5de0..684a9235 100644
--- a/sfa.spec
+++ b/sfa.spec
@@ -1,6 +1,6 @@
 %define name sfa
 %define version 1.0
-%define taglevel 32
+%define taglevel 33
 
 %define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
 %global python_sitearch	%( python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)" )
@@ -196,6 +196,13 @@ fi
 [ "$1" -ge "1" ] && service sfa-cm restart || :
 
 %changelog
+* Wed Aug 24 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-32
+- Fixed exploit that allowed an authorities to issue certs for objects that dont belong to them.
+- Fixed holes in certificate verification logic.
+- Aggregates no longer try to lookup slice and person records when processing CreateSliver requests. Clients are now required to specify this info in the 'users' argument. 
+- Added 'boot_state' as an attribute of the node element in SFA rspec.
+- Non authority certificates are marked as CA:FALSE.
+
 * Tue Aug 16 2011 Tony Mack <tmack@cs.princeton.edu> - sfa-1.0-32
 - fix typo in sfa-1.0-31 tag.
 - added CreateGid() Registry interface method.
-- 
2.43.0