RHBA-2015:0352 - Bug Fix Advisory

Topic

Updated esc packages that fix several bugs are now available for Red Hat
Enterprise Linux 7.

Description

The esc packages contain the Enterprise Security Client (ESC), which allows the
user to manage security smart cards. The primary function of the tool is to
enroll smart cards, so that they can be used for common cryptographic
operations, such as to secure e-mail and website access.

This update fixes the following bugs:

• Previously, the build process for the esc packages required an unavailable

version of the XULRunner utility. As a consequence, the esc packages failed to
build from source on IBM Power Systems. This update modifies the requirements of
the esc packages build process, and the packages now build correctly from source
on the aforementioned architecture. (BZ#1053711)

• Prior to this update, a string search problem in the esc.spec file caused the

esc packages to fail to build from source on the 64-bit ARM architecture. The
spec file has been modified to fix the problem, and the esc packages now build
correctly from source on the 64-bit ARM architecture. (BZ#1100932)

• Previously, the build process for the esc packages required an unavailable

version of the Gecko engine. Consequently, the esc packages failed to build from
source on the little-endian variant of IBM Power Systems. This update modifies
the requirements of the esc packages build process, and the packages now build
correctly from source on the aforementioned architecture. (BZ#1125496)

• Previously, the esc packages failed to build from source because the build

process required an unavailable version the XULRunner engine. This update
modifies the esc.spec file to point to the correct version of XULRunner, and the
esc packages now build correctly from source. (BZ#1163479)

• Prior to this update, the GUI for ESC did not show all options for managing

certificates. Consequently, ESC did not list the encryption and signing
certificates under the "Your Certificates" tab when an enrolled card was
inserted. The underlying source code for the ESC GUI has been modified, and ESC
now lists the mentioned certificates in the described situation as expected.
(BZ#1173774)

• Previously, a bug in the launcher script contained in the esc packages

resulted in incorrect permission settings for the .redhat/ directory created by
ESC after the user inserted a smart card. Consequently, the .redhat/ directory
created during manual launch of ESC did not have the same permissions as the
.redhat/ directory created during automatic launch of ESC. The launcher script
has been modified, and the .redhat/ directory ESC creates during launch has the
same permissions regardless of whether ESC was launched manually or
automatically. (BZ#1176241)

Users of esc are advised to upgrade to these updated packages, which fix these
bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.7 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.3 x86_64
• Red Hat Enterprise Linux Server - AUS 7.7 x86_64
• Red Hat Enterprise Linux Server - AUS 7.6 x86_64
• Red Hat Enterprise Linux Server - AUS 7.4 x86_64
• Red Hat Enterprise Linux Server - AUS 7.3 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.7 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.4 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.3 ppc64
• Red Hat Enterprise Linux Server from RHUI 7 x86_64
• Red Hat Enterprise Linux Server - TUS 7.7 x86_64
• Red Hat Enterprise Linux Server - TUS 7.6 x86_64
• Red Hat Enterprise Linux Server - TUS 7.3 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.3 x86_64

Fixes

• BZ - 1053711 - FTBFS
• BZ - 1163479 - Errata 18562 TPS tests fails - esc rebuild failure because of xulrunner updates
• BZ - 1173774 - ESC Client does not list the encryption and signing certs under the "Your Certificates" tab when an enrolled card is inserted
• BZ - 1176241 - .redhat dir does not have the same permissions during manual and auto launch of ESC Client

CVEs

(none)

References

(none)