Issued:
2011-09-07
Updated:
2011-09-07

RHBA-2011:1280 - Bug Fix Advisory

Synopsis

certmonger bug fix update

Type/Severity

Bug Fix Advisory

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An updated certmonger package that fixes one bug is now available for Red Hat
Enterprise Linux 6.1.

Description

An updated certmonger package that fixes one bug is now available for Red Hat
Enterprise Linux 6.1.

The certmonger service monitors certificates, warning of their impending
expiration, and optionally attempting to re-enroll with supported CAs
(Certificate Authorities).

This update fixes the following bug:

  • When submitting a signing request to a Red Hat IPA (Identity, Policy, Audit)

CA, certmonger is expected to authenticate using the client's host credentials,
and to delegate the client's credentials to the server. Recent updates to
libraries on which certmonger depends changed delegation of client credentials
from a mandatory operation to an optional operation that is no longer enabled by
default, which effectively broke certmonger's support for IPA CAs. This update
gives certmonger the ability to explicitly request credential delegation when
used with newer versions of these libraries, which introduce an API that allows
certmonger to explicitly request that credential delegation be performed.
(BZ#729803)

All certmonger users are advised to upgrade to this updated package, which fixes
this bug.

Solution

Before applying this update, make sure all previously-released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259/

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.1 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.1 x86_64
  • Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.1 i386
  • Red Hat Virtual Storage Appliance (from RHUI) 6.1 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.1 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

  • BZ - 729804 - Add support for new xmlrpc-c API to do GSSAPI delegation

CVEs

(none)

References

(none)

Red Hat Enterprise Linux Server 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
x86_64
certmonger-0.42-1.el6_1.2.x86_64.rpm SHA-256: c053c242ffd2bf11f7c3a8ec22f26b168fa6e9a6e8bc0e227255975006fe3e16
certmonger-debuginfo-0.42-1.el6_1.2.x86_64.rpm SHA-256: b010b56ae2c4c7bad606d515e1d8ec02e9d31c59dad0ac6dba35a9f16de691f4
i386
certmonger-0.42-1.el6_1.2.i686.rpm SHA-256: 3cb06e591a361f472366d0574f4e0c19b46abd78eb4ccbe2b88421820013a0e5
certmonger-debuginfo-0.42-1.el6_1.2.i686.rpm SHA-256: 6f686d030dd9768a43564584985456ea97218245bd4b4accf055a190656acb79

Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
x86_64
certmonger-0.42-1.el6_1.2.x86_64.rpm SHA-256: c053c242ffd2bf11f7c3a8ec22f26b168fa6e9a6e8bc0e227255975006fe3e16
certmonger-debuginfo-0.42-1.el6_1.2.x86_64.rpm SHA-256: b010b56ae2c4c7bad606d515e1d8ec02e9d31c59dad0ac6dba35a9f16de691f4
i386
certmonger-0.42-1.el6_1.2.i686.rpm SHA-256: 3cb06e591a361f472366d0574f4e0c19b46abd78eb4ccbe2b88421820013a0e5
certmonger-debuginfo-0.42-1.el6_1.2.i686.rpm SHA-256: 6f686d030dd9768a43564584985456ea97218245bd4b4accf055a190656acb79

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
x86_64
certmonger-0.42-1.el6_1.2.x86_64.rpm SHA-256: c053c242ffd2bf11f7c3a8ec22f26b168fa6e9a6e8bc0e227255975006fe3e16
certmonger-debuginfo-0.42-1.el6_1.2.x86_64.rpm SHA-256: b010b56ae2c4c7bad606d515e1d8ec02e9d31c59dad0ac6dba35a9f16de691f4
i386
certmonger-0.42-1.el6_1.2.i686.rpm SHA-256: 3cb06e591a361f472366d0574f4e0c19b46abd78eb4ccbe2b88421820013a0e5
certmonger-debuginfo-0.42-1.el6_1.2.i686.rpm SHA-256: 6f686d030dd9768a43564584985456ea97218245bd4b4accf055a190656acb79

Red Hat Enterprise Linux Workstation 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
x86_64
certmonger-0.42-1.el6_1.2.x86_64.rpm SHA-256: c053c242ffd2bf11f7c3a8ec22f26b168fa6e9a6e8bc0e227255975006fe3e16
certmonger-debuginfo-0.42-1.el6_1.2.x86_64.rpm SHA-256: b010b56ae2c4c7bad606d515e1d8ec02e9d31c59dad0ac6dba35a9f16de691f4
i386
certmonger-0.42-1.el6_1.2.i686.rpm SHA-256: 3cb06e591a361f472366d0574f4e0c19b46abd78eb4ccbe2b88421820013a0e5
certmonger-debuginfo-0.42-1.el6_1.2.i686.rpm SHA-256: 6f686d030dd9768a43564584985456ea97218245bd4b4accf055a190656acb79

Red Hat Enterprise Linux Desktop 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
x86_64
certmonger-0.42-1.el6_1.2.x86_64.rpm SHA-256: c053c242ffd2bf11f7c3a8ec22f26b168fa6e9a6e8bc0e227255975006fe3e16
certmonger-debuginfo-0.42-1.el6_1.2.x86_64.rpm SHA-256: b010b56ae2c4c7bad606d515e1d8ec02e9d31c59dad0ac6dba35a9f16de691f4
i386
certmonger-0.42-1.el6_1.2.i686.rpm SHA-256: 3cb06e591a361f472366d0574f4e0c19b46abd78eb4ccbe2b88421820013a0e5
certmonger-debuginfo-0.42-1.el6_1.2.i686.rpm SHA-256: 6f686d030dd9768a43564584985456ea97218245bd4b4accf055a190656acb79

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
s390x
certmonger-0.42-1.el6_1.2.s390x.rpm SHA-256: b313439beb1d8f60e1d5a31921729fc979c7e830220e7bac939fd4e82214278b
certmonger-debuginfo-0.42-1.el6_1.2.s390x.rpm SHA-256: 86f238ed4174a5641e641b3b336c57528481b43c72a48aac3174704dc3294888

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.1

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
s390x
certmonger-0.42-1.el6_1.2.s390x.rpm SHA-256: b313439beb1d8f60e1d5a31921729fc979c7e830220e7bac939fd4e82214278b
certmonger-debuginfo-0.42-1.el6_1.2.s390x.rpm SHA-256: 86f238ed4174a5641e641b3b336c57528481b43c72a48aac3174704dc3294888

Red Hat Enterprise Linux for Power, big endian 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
ppc64
certmonger-0.42-1.el6_1.2.ppc64.rpm SHA-256: fea2f0a50e4176ed11d0160a679da943c20564b74b96336ef20bd7bdbe0e08e5
certmonger-debuginfo-0.42-1.el6_1.2.ppc64.rpm SHA-256: 3e3dbc707974036590b7867ef67f547218260831890762c0f0db5307b47dd333

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.1

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
ppc64
certmonger-0.42-1.el6_1.2.ppc64.rpm SHA-256: fea2f0a50e4176ed11d0160a679da943c20564b74b96336ef20bd7bdbe0e08e5
certmonger-debuginfo-0.42-1.el6_1.2.ppc64.rpm SHA-256: 3e3dbc707974036590b7867ef67f547218260831890762c0f0db5307b47dd333

Red Hat Enterprise Linux Server from RHUI 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
x86_64
certmonger-0.42-1.el6_1.2.x86_64.rpm SHA-256: c053c242ffd2bf11f7c3a8ec22f26b168fa6e9a6e8bc0e227255975006fe3e16
certmonger-debuginfo-0.42-1.el6_1.2.x86_64.rpm SHA-256: b010b56ae2c4c7bad606d515e1d8ec02e9d31c59dad0ac6dba35a9f16de691f4
i386
certmonger-0.42-1.el6_1.2.i686.rpm SHA-256: 3cb06e591a361f472366d0574f4e0c19b46abd78eb4ccbe2b88421820013a0e5
certmonger-debuginfo-0.42-1.el6_1.2.i686.rpm SHA-256: 6f686d030dd9768a43564584985456ea97218245bd4b4accf055a190656acb79

Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.1

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
x86_64
certmonger-0.42-1.el6_1.2.x86_64.rpm SHA-256: c053c242ffd2bf11f7c3a8ec22f26b168fa6e9a6e8bc0e227255975006fe3e16
certmonger-debuginfo-0.42-1.el6_1.2.x86_64.rpm SHA-256: b010b56ae2c4c7bad606d515e1d8ec02e9d31c59dad0ac6dba35a9f16de691f4
i386
certmonger-0.42-1.el6_1.2.i686.rpm SHA-256: 3cb06e591a361f472366d0574f4e0c19b46abd78eb4ccbe2b88421820013a0e5
certmonger-debuginfo-0.42-1.el6_1.2.i686.rpm SHA-256: 6f686d030dd9768a43564584985456ea97218245bd4b4accf055a190656acb79

Red Hat Virtual Storage Appliance (from RHUI) 6.1

SRPM
x86_64

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
certmonger-0.42-1.el6_1.2.src.rpm SHA-256: 1a4fafcd104b07741407104c2dbd5706ffd39e77aa9537970f0d514c78035725
s390x
certmonger-0.42-1.el6_1.2.s390x.rpm SHA-256: b313439beb1d8f60e1d5a31921729fc979c7e830220e7bac939fd4e82214278b
certmonger-debuginfo-0.42-1.el6_1.2.s390x.rpm SHA-256: 86f238ed4174a5641e641b3b336c57528481b43c72a48aac3174704dc3294888

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.