RHBA-2011:1290 - Bug Fix Advisory

Topic

An updated ipa-client package that fixes one bug is now available for Red Hat
Enterprise Linux 5.

Description

IPA (Identity, Policy, Audit) is an integrated solution to provide centrally
managed identity, that is, machine, user, virtual machines, groups, and
authentication credentials. The ipa-client package provides a tool to enroll a
machine to an IPA version 2 server.

This update fixes the following bug:

• Prior to this update, GSSAPI credential delegation was disabled in the curl

utility due to a security issue. As a result, applications that rely on
delegation did not work properly. This update utilizes a new constructor
argument in the xmlrpc-c client API to set the new CURLOPT_GSSAPI_DELEGATION
curl option. This option enables the credential delegation, thus fixing this
bug. (BZ#736658)

Users of ipa-client are advised to upgrade to this updated package, which fixes
this bug.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

CVEs

(none)

References

(none)