- Issued:
- 2011-07-21
- Updated:
- 2011-07-21
RHBA-2011:1002 - Bug Fix Advisory
Synopsis
certmonger bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated certmonger package that fixes multiple bugs and adds several
enhancements is now available for Red Hat Enterprise Linux 5.
Description
The certmonger package contains a service which is primarily concerned with
getting your system enrolled with a certificate authority (CA) and keeping it
enrolled.
The certmonger package has been upgraded to upstream version 0.42, which
provides a number of bug fixes and enhancements over the previous version.
(BZ#688610)
Additionally, this update fixes the following bugs:
- Previously, when issuing a request for a certificate to an IPA server, if the
IPA server returned an error, the ipa-submit helper process terminated
unexpectedly while attempting to parse the error in order to report it. The bug
has been fixed in this update, and the error is now recorded properly.
(BZ#690892)
- Previously, if certmonger did not track any certificates, the output of the
"ipa-getcert list" command was empty. This undesired behavior has been fixed so
that after running the command, the number of the certificates tracked is now
displayed as well as any certificate entries, if they exist. (BZ#681642)
- Previously, when the service attempted to save a certificate to a certificate
database, if there was already a certificate in the database with the desired
nickname assigned to it but which had a different value in its "subject name"
field, the attempt to save the new certificate to the database failed. This bug
has been fixed in this update so that any certificates that are already in the
certificate database which have the desired nickname are now cleared out before
attempting to store a new certificate, and storing the new certificate no longer
fails. (BZ#695717)
- Previously, when a non-root user ran the "ipa-getcert" command, an unclear and
ambiguous error message about insufficient user rights to run the command was
displayed. This update improves the error message text so that it is now clear
and straightforward. (BZ#681641)
- Previously, building the certmonger package failed due to a problem with
self-tests. This problem has been resolved and does not occur anymore.
(BZ#670322)
All users requiring certmonger should upgrade to this updated package, which
fixes these bugs and adds several enhancements.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 670322 - certmonger can't be rebuild in mock
- BZ - 681641 - Unhelpful message from ipa-getcert
- BZ - 681642 - No output from ipa-getcert list
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
certmonger-0.42-1.el5.src.rpm | SHA-256: c32ad813c169afb97d86f831b8ee773aa5f53fb1f7cfce95aafb8355204becc8 |
x86_64 | |
certmonger-0.42-1.el5.x86_64.rpm | SHA-256: a230eabd07f7a3f8846ebf67f9631c4098db73d10f773ab167b86847679299b5 |
ia64 | |
certmonger-0.42-1.el5.ia64.rpm | SHA-256: fee0e5c154ab03752e88c39e6351e63de8487e45d1f481837a9ebe765b2f6eb7 |
i386 | |
certmonger-0.42-1.el5.i386.rpm | SHA-256: 4e258e186a67e1dd63b0a9075467de0d143a9b23bda0be9e0cf26b469e41af97 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
certmonger-0.42-1.el5.src.rpm | SHA-256: c32ad813c169afb97d86f831b8ee773aa5f53fb1f7cfce95aafb8355204becc8 |
x86_64 | |
certmonger-0.42-1.el5.x86_64.rpm | SHA-256: a230eabd07f7a3f8846ebf67f9631c4098db73d10f773ab167b86847679299b5 |
i386 | |
certmonger-0.42-1.el5.i386.rpm | SHA-256: 4e258e186a67e1dd63b0a9075467de0d143a9b23bda0be9e0cf26b469e41af97 |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
certmonger-0.42-1.el5.src.rpm | SHA-256: c32ad813c169afb97d86f831b8ee773aa5f53fb1f7cfce95aafb8355204becc8 |
x86_64 | |
certmonger-0.42-1.el5.x86_64.rpm | SHA-256: a230eabd07f7a3f8846ebf67f9631c4098db73d10f773ab167b86847679299b5 |
i386 | |
certmonger-0.42-1.el5.i386.rpm | SHA-256: 4e258e186a67e1dd63b0a9075467de0d143a9b23bda0be9e0cf26b469e41af97 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
certmonger-0.42-1.el5.src.rpm | SHA-256: c32ad813c169afb97d86f831b8ee773aa5f53fb1f7cfce95aafb8355204becc8 |
s390x | |
certmonger-0.42-1.el5.s390x.rpm | SHA-256: 0e0c260e86208873350e2f45f0c567ca46ded7e50398c27ea91e183e400dfa23 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
certmonger-0.42-1.el5.src.rpm | SHA-256: c32ad813c169afb97d86f831b8ee773aa5f53fb1f7cfce95aafb8355204becc8 |
ppc | |
certmonger-0.42-1.el5.ppc.rpm | SHA-256: 6df235d9816dcdfb43f3ba92a0c9aaaa68ec488689c57a1934d9cc4a7cb49fd4 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
certmonger-0.42-1.el5.src.rpm | SHA-256: c32ad813c169afb97d86f831b8ee773aa5f53fb1f7cfce95aafb8355204becc8 |
x86_64 | |
certmonger-0.42-1.el5.x86_64.rpm | SHA-256: a230eabd07f7a3f8846ebf67f9631c4098db73d10f773ab167b86847679299b5 |
i386 | |
certmonger-0.42-1.el5.i386.rpm | SHA-256: 4e258e186a67e1dd63b0a9075467de0d143a9b23bda0be9e0cf26b469e41af97 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.