Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 17 Update: pki-core-9.0.25-1.fc17
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Saturday 15th December 2012 17:51:10 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-20220
2012-12-12 04:14:41
--------------------------------------------------------------------------------

Name        : pki-core
Product     : Fedora 17
Version     : 9.0.25
Release     : 1.fc17
URL         : http://pki.fedoraproject.org/
Summary     : Certificate System - PKI Core Components
Description :
==================================
||  ABOUT "CERTIFICATE SYSTEM"  ||
==================================

Certificate System (CS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.

PKI Core contains fundamental packages required by Certificate System,
and consists of the following components:

  * pki-setup
  * pki-symkey
  * pki-native-tools
  * pki-util
  * pki-util-javadoc
  * pki-java-tools
  * pki-java-tools-javadoc
  * pki-common
  * pki-common-javadoc
  * pki-selinux
  * pki-ca
  * pki-silent

which comprise the following PKI subsystems:

  * Certificate Authority (CA)

For deployment purposes, Certificate System requires ONE AND ONLY ONE
of the following "Mutually-Exclusive" PKI Theme packages:

  * ipa-pki-theme    (IPA deployments)
  * dogtag-pki-theme (Dogtag Certificate System deployments)
  * redhat-pki-theme (Red Hat Certificate System deployments)

--------------------------------------------------------------------------------
Update Information:

Bugzilla Bug #884829 - Multiple cross-site scripting flaws
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 11 2012 Andrew Wnuk 9.0.25-1
- Bugzilla Bug #861467 - Directory authenticated user certificate
enrollments
  fail when anonymous access disabled.
- Bugzilla Bug #884829 - Multiple cross-site scripting flaws
* Tue Oct 30 2012 Andrew Wnuk  9.0.24-1
- New official build
- Used GetStatus servlet to provide startup status - (alee)
- Audit Cert Renewal - Bugzilla Bug #843979 (mharmsen)
- time based searches - Bugzilla Bug #854420 (awnuk)
- TMS ECC infrastructure - ticket #304 (cfu)
* Fri Sep  7 2012 Matthew Harmsen  9.0.23-1
- TRAC Ticket #301 - Need to modify init scripts to verify needed symlinks
  in an instance (support for non-default instance names) (mharmsen)
- Bugzilla Bug #852855 - rhcs81 - remove unexpected anonymous binds to
  internal db in cert status thread. (jmagne)
* Wed Aug 22 2012 Ade Lee  9.0.22-1
- Reverted selinux changes that broke f16 selinux policy.
- Reapplied those changes as a modified patch to f17 build.
* Fri Jul 20 2012 Ade Lee  9.0.21-1
- Bugzilla Bug #841996 - latest selinux policy fix breaks dogtag
* Mon May  7 2012 Andrew Wnuk  9.0.20-1
- New official build
* Mon May  7 2012 Ade Lee  9.0.19-4
- Bugzilla Bug #819111 - non-existent container breaks replication
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #884829 - CVE-2012-4543 Certificate System: Multiple cross-site
scripting flaws by displaying CRL or processing profile [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=884829
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update pki-core' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms