RHBA-2007:0634 - Bug Fix Advisory

Topic

An updated esc package that fixes various bugs is now available.

Description

The esc package contains a GUI tool called "Smart Card Manager". This tool
allows the user to manage security smart cards. The primary function of the
tool is to "enroll" smart cards so they can be used for common
cryptographic operations such as secure mail and secure web site access.

Bugs fixed in these updated packages include:

• fix strange grammar in TPS Config info dialog.
• support for A11Y hot keys.
• add right mouse support in ESC for common operations.
• double-clicking on a key should bring up its certificate viewer.
• print out version number from the command line.
• fix crash if a certificate on card has the critical CRLDistributionPoint

extension.

• improve password strength meter display.
• correctly display the "issuer" of an enrolled token.
• have ESC system menu item always bring up the app correctly.
• add timestamps to the diagnostics log display messages.
• make the displayed smart card states of operation consistent.
• make the diagnostics log file persistent across invocations of the tool.
• fix error when the tool was getting stuck in a canceled operation.
• merge the current key "Status" and "Progress" columns into one.
• fix error where a token was identified as being from an "unknown" issuer.
• fix error where the tool incorrectly thinks there are no plugged in smart

cards.

• give the certificate viewer the ability to trust the certificates on the

smart card.

• add more useful messages to the diagnostics log file.
• fix error where the issuer of a CAC card is listed as "unknown".
• better integrate the tool's appearance into the desktop.
• fix placement of the "Submit" button in the LDAP authentication dialog

box.

• fix typo in message displayed after a successful enrollment.
• fix bug where the tool thinks it is already running when launched for the

first time.

• make sure the cursor is placed in the correct field when displaying a new

dialog.

• don't allow a user to "format" a card currently being used to log onto

the machine.

• revise displayable string messages.
• display clearer error messages to the user.
• display a clearer message when the user attempts to enroll a token where

they already have an enrolled token.

• fix a situation that causes incorrect operation after an aborted token

format operation.

• fix an error where the RPM removal of ESC fails when the ESC daemon is

not running.

All users should upgrade to this updated package, which resolves these
issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 203466 - ESC error codes : need to be refined better
• BZ - 203757 - Strange grammer in TPS Config info dialog
• BZ - 203806 - ESC needs A11Y hotkeys
• BZ - 204021 - "esc --version" should print out version number
• BZ - 204369 - Enrollment crashes ESC if cert has critical CRLDistributionPoint extension
• BZ - 204661 - esc password strength algorithm seems a little off
• BZ - 204959 - Issuer Showing up as Unknown, even though it's showing as Enrolled

CVEs

(none)

References

(none)