- Issued:
- 2011-05-19
- Updated:
- 2011-05-19
RHBA-2011:0676 - Bug Fix Advisory
Synopsis
libica bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated libica packages that fix various bugs are now available.
Description
A library of functions and utilities for accessing ICA hardware crypto
on IBM zSeries.
This updated libica packages fix the following bugs:
- Previously, when the libica library ran in 31-bit mode, the STCK
buffer length was smaller than required, which caused corrupted memory
and application crashes. This is now fixed to ensure that the libica
library allocates an appropriately sized STCK buffer in 31-bit mode to
prevent corrupted memory and application crashes. (BZ#640035)
- Previously, a SIGILL handler wrapped all cryptographic operations and
caught crashes caused by invalid CPU instructions. This SIGILL handler
prevented crashes but caused significant performance regression in the
system. This is now fixed so that the CPU correctly reports the
availability of individual cryptographics algorithms, therefore the
SIGILL wrappers are removed. (BZ#665401)
- The libica testsuite failed for libica_keygen_test and libica_sha1_test.
The test failed for libica_sha1_test because "return to zero" was missing
for the old_api_sha_test() function. The libica_keygen_test test failed
because the openSSL powered RSA exponent only handles the values 3 or
65537 and libica_keygen_test provided a default random value. This is
now fixed so that libica_sha1_test's old_api_sha_test includes "return
to zero" and libica_keygen_test runs with parameters, "libica_keygen_test
<keylength> <3|65537>". Due to this, the libica testsuite no longer fails
for libica_keygen_test and libica_sha1_test. (BZ#624005)
Users are advised to upgrade to these updated packages, which resolves
these issues.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x
Fixes
- BZ - 624005 - Tests libica_keygen_test and libica_sha1_test from testsuite fail
CVEs
(none)
References
(none)
Red Hat Enterprise Linux for IBM z Systems 6
SRPM | |
---|---|
libica-2.0.3-4.el6.src.rpm | SHA-256: 2aed9de889216c95745c875249b1f1115f72ecf7ab572f881b02787c184471c4 |
s390x | |
libica-2.0.3-4.el6.s390.rpm | SHA-256: 384ad26d39c2b6c3de02bfb578325f4db418a4cb4bbc5d645c5217420660d1c5 |
libica-2.0.3-4.el6.s390x.rpm | SHA-256: 6b93b645a5e4d1f251000c026b7752a99cdde1a21f0c5df4bed1be36a1db6fbd |
libica-debuginfo-2.0.3-4.el6.s390.rpm | SHA-256: ae768750fd818fe8f03d63aa79575023b6ea1a17b889ac9398bb65fd0ca912bc |
libica-debuginfo-2.0.3-4.el6.s390.rpm | SHA-256: ae768750fd818fe8f03d63aa79575023b6ea1a17b889ac9398bb65fd0ca912bc |
libica-debuginfo-2.0.3-4.el6.s390x.rpm | SHA-256: f3f1f390a07e2b3adb8dd3e8548d621128dab6131bc9d76042acd1feb4adc00a |
libica-debuginfo-2.0.3-4.el6.s390x.rpm | SHA-256: f3f1f390a07e2b3adb8dd3e8548d621128dab6131bc9d76042acd1feb4adc00a |
libica-devel-2.0.3-4.el6.s390.rpm | SHA-256: af2da5ea4ee86442158df0879961a2d682ec3dc3eb23ca93a6f8b7942e993bf5 |
libica-devel-2.0.3-4.el6.s390x.rpm | SHA-256: 9d9f85c0cfe4fa548c275591abe87325d2230216b9c8ac6dbac5194a3267d973 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
SRPM | |
---|---|
libica-2.0.3-4.el6.src.rpm | SHA-256: 2aed9de889216c95745c875249b1f1115f72ecf7ab572f881b02787c184471c4 |
s390x | |
libica-2.0.3-4.el6.s390.rpm | SHA-256: 384ad26d39c2b6c3de02bfb578325f4db418a4cb4bbc5d645c5217420660d1c5 |
libica-2.0.3-4.el6.s390x.rpm | SHA-256: 6b93b645a5e4d1f251000c026b7752a99cdde1a21f0c5df4bed1be36a1db6fbd |
libica-debuginfo-2.0.3-4.el6.s390.rpm | SHA-256: ae768750fd818fe8f03d63aa79575023b6ea1a17b889ac9398bb65fd0ca912bc |
libica-debuginfo-2.0.3-4.el6.s390.rpm | SHA-256: ae768750fd818fe8f03d63aa79575023b6ea1a17b889ac9398bb65fd0ca912bc |
libica-debuginfo-2.0.3-4.el6.s390x.rpm | SHA-256: f3f1f390a07e2b3adb8dd3e8548d621128dab6131bc9d76042acd1feb4adc00a |
libica-debuginfo-2.0.3-4.el6.s390x.rpm | SHA-256: f3f1f390a07e2b3adb8dd3e8548d621128dab6131bc9d76042acd1feb4adc00a |
libica-devel-2.0.3-4.el6.s390.rpm | SHA-256: af2da5ea4ee86442158df0879961a2d682ec3dc3eb23ca93a6f8b7942e993bf5 |
libica-devel-2.0.3-4.el6.s390x.rpm | SHA-256: 9d9f85c0cfe4fa548c275591abe87325d2230216b9c8ac6dbac5194a3267d973 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6
SRPM | |
---|---|
libica-2.0.3-4.el6.src.rpm | SHA-256: 2aed9de889216c95745c875249b1f1115f72ecf7ab572f881b02787c184471c4 |
s390x | |
libica-2.0.3-4.el6.s390.rpm | SHA-256: 384ad26d39c2b6c3de02bfb578325f4db418a4cb4bbc5d645c5217420660d1c5 |
libica-2.0.3-4.el6.s390x.rpm | SHA-256: 6b93b645a5e4d1f251000c026b7752a99cdde1a21f0c5df4bed1be36a1db6fbd |
libica-debuginfo-2.0.3-4.el6.s390.rpm | SHA-256: ae768750fd818fe8f03d63aa79575023b6ea1a17b889ac9398bb65fd0ca912bc |
libica-debuginfo-2.0.3-4.el6.s390.rpm | SHA-256: ae768750fd818fe8f03d63aa79575023b6ea1a17b889ac9398bb65fd0ca912bc |
libica-debuginfo-2.0.3-4.el6.s390x.rpm | SHA-256: f3f1f390a07e2b3adb8dd3e8548d621128dab6131bc9d76042acd1feb4adc00a |
libica-debuginfo-2.0.3-4.el6.s390x.rpm | SHA-256: f3f1f390a07e2b3adb8dd3e8548d621128dab6131bc9d76042acd1feb4adc00a |
libica-devel-2.0.3-4.el6.s390.rpm | SHA-256: af2da5ea4ee86442158df0879961a2d682ec3dc3eb23ca93a6f8b7942e993bf5 |
libica-devel-2.0.3-4.el6.s390x.rpm | SHA-256: 9d9f85c0cfe4fa548c275591abe87325d2230216b9c8ac6dbac5194a3267d973 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.