Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Pat Riehecky <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Low: ipa on SL6.x i386/x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Monday 4th March 2013 19:09:53 UTC (over 3 years ago)
Synopsis:          Low: ipa security, bug fix and enhancement update
Issue Date:        2013-02-21
CVE Numbers:       CVE-2012-4546
--

It was found that the current default configuration of IPA servers did not
publish correct CRLs (Certificate Revocation Lists). The default 
configuration
specifies that every replica is to generate its own CRL; however, this can
result in inconsistencies in the CRL contents provided to clients from
different Identity Management replicas. More specifically, if a 
certificate is
revoked on one Identity Management replica, it will not show up on another
Identity Management replica. (CVE-2012-4546)
--

SL6
   x86_64
     ipa-client-3.0.0-25.el6.x86_64.rpm
     ipa-debuginfo-3.0.0-25.el6.x86_64.rpm
     ipa-python-3.0.0-25.el6.x86_64.rpm
     ipa-admintools-3.0.0-25.el6.x86_64.rpm
     ipa-server-3.0.0-25.el6.x86_64.rpm
     ipa-server-selinux-3.0.0-25.el6.x86_64.rpm
     ipa-server-trust-ad-3.0.0-25.el6.x86_64.rpm
   i386
     ipa-client-3.0.0-25.el6.i686.rpm
     ipa-debuginfo-3.0.0-25.el6.i686.rpm
     ipa-python-3.0.0-25.el6.i686.rpm
     ipa-admintools-3.0.0-25.el6.i686.rpm
     ipa-server-3.0.0-25.el6.i686.rpm
     ipa-server-selinux-3.0.0-25.el6.i686.rpm
     ipa-server-trust-ad-3.0.0-25.el6.i686.rpm

The following packages were added for dependency resolution
SL6
   x86_64
     certmonger-0.61-3.el6.x86_64.rpm
     mod_nss-1.0.8-18.el6.x86_64.rpm
     nss-3.14.0.0-12.el6.i686.rpm
     nss-3.14.0.0-12.el6.x86_64.rpm
     nss-devel-3.14.0.0-12.el6.i686.rpm
     nss-devel-3.14.0.0-12.el6.x86_64.rpm
     nss-pkcs11-devel-3.14.0.0-12.el6.i686.rpm
     nss-pkcs11-devel-3.14.0.0-12.el6.x86_64.rpm
     nss-sysinit-3.14.0.0-12.el6.x86_64.rpm
     nss-tools-3.14.0.0-12.el6.x86_64.rpm
     nss-util-3.14.0.0-2.el6.i686.rpm
     nss-util-3.14.0.0-2.el6.x86_64.rpm
     nss-util-devel-3.14.0.0-2.el6.i686.rpm
     nss-util-devel-3.14.0.0-2.el6.x86_64.rpm
     policycoreutils-2.0.83-19.24.el6.x86_64.rpm
     policycoreutils-gui-2.0.83-19.24.el6.x86_64.rpm
     policycoreutils-newrole-2.0.83-19.24.el6.x86_64.rpm
     policycoreutils-python-2.0.83-19.24.el6.x86_64.rpm
     policycoreutils-sandbox-2.0.83-19.24.el6.x86_64.rpm

   i386
     certmonger-0.61-3.el6.i686.rpm
     mod_nss-1.0.8-18.el6.i686.rpm
     nss-3.14.0.0-12.el6.i686.rpm
     nss-devel-3.14.0.0-12.el6.i686.rpm
     nss-pkcs11-devel-3.14.0.0-12.el6.i686.rpm
     nss-sysinit-3.14.0.0-12.el6.i686.rpm
     nss-tools-3.14.0.0-12.el6.i686.rpm
     nss-util-3.14.0.0-2.el6.i686.rpm
     nss-util-devel-3.14.0.0-2.el6.i686.rpm
     policycoreutils-2.0.83-19.24.el6.i686.rpm
     policycoreutils-gui-2.0.83-19.24.el6.i686.rpm
     policycoreutils-newrole-2.0.83-19.24.el6.i686.rpm
     policycoreutils-python-2.0.83-19.24.el6.i686.rpm
     policycoreutils-sandbox-2.0.83-19.24.el6.i686.rpm


- Scientific Linux Development Team
 
CD: 3ms