- Issued:
- 2015-07-22
- Updated:
- 2015-07-22
RHBA-2015:1315 - Bug Fix Advisory
Synopsis
jss bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Topic
Updated jss packages that fix two bugs and add one enhancement are now available
for Red Hat Enterprise Linux 6.
Description
Java Security Services (JSS) provides an interface between Java Virtual Machine
and Network Security Services (NSS). It supports most of the security standards
and encryption technologies supported by NSS including communication through
SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server
as a part of the Identity Management System.
This update fixes the following bugs:
- Previously, the HASH_ALGORITHM constant was defined incorrectly. As a
consequence, object identifiers (OIDs) for SHA-256, SHA-384, and SHA-512 hash
functions were incorrect. With this update, the underlying source code has been
modified, and the mentioned OIDs are now correct. (BZ#1190302) - Prior to this update, the source code for JSS was missing a condition for
validating the key strength for the RC4 software stream cipher. As a
consequence, JSS did not validate the key strength properly. A patch has been
applied to fix this bug, and JSS now performs key strength validation checks as
expected. (BZ#1190303)
In addition, this update adds the following enhancement:
- The Tomcat service has been updated to support the Transport Layer Security
cryptographic protocol version 1.1 (TLSv1.1) and the Transport Layer Security
cryptographic protocol version 1.2 (TLSv1.2) using JSS. (BZ#1167470)
Users of jss are advised to upgrade to these updated packages, which fix these
bugs and add this enhancement.
Solution
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
Fixes
- BZ - 1190302 - Incorrect OIDs for SHA2 algorithms
- BZ - 1190303 - Key strength validation is not performed for RC4 algorithm
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| x86_64 | |
| jss-4.2.6-35.el6.x86_64.rpm | SHA-256: b2b281b6d6c715ddadd5d04677292c1a09d5164fd74f3e5d3ac633587fbb5b2c |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-javadoc-4.2.6-35.el6.x86_64.rpm | SHA-256: 0da0033526cd12d0dad46e36a55d5b32d85bed6016d9db43ef9d2046c5af249f |
| i386 | |
| jss-4.2.6-35.el6.i686.rpm | SHA-256: f19998d53f0d0e9acdf67a92922eda8aa0215890a906724cf319a199d941f014 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-javadoc-4.2.6-35.el6.i686.rpm | SHA-256: e6d5744e952b64e692a9f21e73ebdb55c1202189f3ef3b34aa5010864ae71461 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| i386 | |
| jss-4.2.6-35.el6.i686.rpm | SHA-256: f19998d53f0d0e9acdf67a92922eda8aa0215890a906724cf319a199d941f014 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-javadoc-4.2.6-35.el6.i686.rpm | SHA-256: e6d5744e952b64e692a9f21e73ebdb55c1202189f3ef3b34aa5010864ae71461 |
| x86_64 | |
| jss-4.2.6-35.el6.x86_64.rpm | SHA-256: b2b281b6d6c715ddadd5d04677292c1a09d5164fd74f3e5d3ac633587fbb5b2c |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-javadoc-4.2.6-35.el6.x86_64.rpm | SHA-256: 0da0033526cd12d0dad46e36a55d5b32d85bed6016d9db43ef9d2046c5af249f |
Red Hat Enterprise Linux Workstation 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| x86_64 | |
| jss-4.2.6-35.el6.x86_64.rpm | SHA-256: b2b281b6d6c715ddadd5d04677292c1a09d5164fd74f3e5d3ac633587fbb5b2c |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-javadoc-4.2.6-35.el6.x86_64.rpm | SHA-256: 0da0033526cd12d0dad46e36a55d5b32d85bed6016d9db43ef9d2046c5af249f |
| i386 | |
| jss-4.2.6-35.el6.i686.rpm | SHA-256: f19998d53f0d0e9acdf67a92922eda8aa0215890a906724cf319a199d941f014 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-javadoc-4.2.6-35.el6.i686.rpm | SHA-256: e6d5744e952b64e692a9f21e73ebdb55c1202189f3ef3b34aa5010864ae71461 |
Red Hat Enterprise Linux Desktop 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| x86_64 | |
| jss-4.2.6-35.el6.x86_64.rpm | SHA-256: b2b281b6d6c715ddadd5d04677292c1a09d5164fd74f3e5d3ac633587fbb5b2c |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-javadoc-4.2.6-35.el6.x86_64.rpm | SHA-256: 0da0033526cd12d0dad46e36a55d5b32d85bed6016d9db43ef9d2046c5af249f |
| i386 | |
| jss-4.2.6-35.el6.i686.rpm | SHA-256: f19998d53f0d0e9acdf67a92922eda8aa0215890a906724cf319a199d941f014 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-javadoc-4.2.6-35.el6.i686.rpm | SHA-256: e6d5744e952b64e692a9f21e73ebdb55c1202189f3ef3b34aa5010864ae71461 |
Red Hat Enterprise Linux for IBM z Systems 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| s390x | |
| jss-4.2.6-35.el6.s390x.rpm | SHA-256: 39bc8f35cd851d5d991a11b7188398530a78d4b6df50abfcf9c1f1cce5944e4e |
| jss-debuginfo-4.2.6-35.el6.s390x.rpm | SHA-256: 58d88d1440ba336418ed85e5b55d619a4a02ea01ea305cc1f6ed395bcd42b2b6 |
| jss-debuginfo-4.2.6-35.el6.s390x.rpm | SHA-256: 58d88d1440ba336418ed85e5b55d619a4a02ea01ea305cc1f6ed395bcd42b2b6 |
| jss-javadoc-4.2.6-35.el6.s390x.rpm | SHA-256: 9aec97ddd412570346cc5c3d7805178de460d520a67a658f3621f79d31dd8a84 |
Red Hat Enterprise Linux for Power, big endian 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| ppc64 | |
| jss-4.2.6-35.el6.ppc64.rpm | SHA-256: d9ee0f6f929caba9e5e5b76f0855b28f589173a4a51135bb749e23f4860429e3 |
| jss-debuginfo-4.2.6-35.el6.ppc64.rpm | SHA-256: 65f93747f51883ea18ef498257695017ffd66b6224a8fbb9f3ec182945e3e108 |
| jss-debuginfo-4.2.6-35.el6.ppc64.rpm | SHA-256: 65f93747f51883ea18ef498257695017ffd66b6224a8fbb9f3ec182945e3e108 |
| jss-javadoc-4.2.6-35.el6.ppc64.rpm | SHA-256: 57306b5ed3d03e3760f43d5a2007cb04287531ca82df3eda2cb4d099fd4f2aba |
Red Hat Enterprise Linux for Scientific Computing 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| x86_64 | |
| jss-4.2.6-35.el6.x86_64.rpm | SHA-256: b2b281b6d6c715ddadd5d04677292c1a09d5164fd74f3e5d3ac633587fbb5b2c |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-javadoc-4.2.6-35.el6.x86_64.rpm | SHA-256: 0da0033526cd12d0dad46e36a55d5b32d85bed6016d9db43ef9d2046c5af249f |
Red Hat Enterprise Linux Server from RHUI 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| x86_64 | |
| jss-4.2.6-35.el6.x86_64.rpm | SHA-256: b2b281b6d6c715ddadd5d04677292c1a09d5164fd74f3e5d3ac633587fbb5b2c |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-debuginfo-4.2.6-35.el6.x86_64.rpm | SHA-256: d912dffe525510299f6e584f7b43c2f0fb9bb3b11f3348335833f8fa27746b30 |
| jss-javadoc-4.2.6-35.el6.x86_64.rpm | SHA-256: 0da0033526cd12d0dad46e36a55d5b32d85bed6016d9db43ef9d2046c5af249f |
| i386 | |
| jss-4.2.6-35.el6.i686.rpm | SHA-256: f19998d53f0d0e9acdf67a92922eda8aa0215890a906724cf319a199d941f014 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-debuginfo-4.2.6-35.el6.i686.rpm | SHA-256: 9383203fc84f31de7e2162e9b13ff1c54ef7b1085bad255cdee211dd6c801807 |
| jss-javadoc-4.2.6-35.el6.i686.rpm | SHA-256: e6d5744e952b64e692a9f21e73ebdb55c1202189f3ef3b34aa5010864ae71461 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
| SRPM | |
|---|---|
| jss-4.2.6-35.el6.src.rpm | SHA-256: 725653951ac314d5f9704e05e7ca941db3e7832245401cdb8b71d9ade11700dc |
| s390x | |
| jss-4.2.6-35.el6.s390x.rpm | SHA-256: 39bc8f35cd851d5d991a11b7188398530a78d4b6df50abfcf9c1f1cce5944e4e |
| jss-debuginfo-4.2.6-35.el6.s390x.rpm | SHA-256: 58d88d1440ba336418ed85e5b55d619a4a02ea01ea305cc1f6ed395bcd42b2b6 |
| jss-debuginfo-4.2.6-35.el6.s390x.rpm | SHA-256: 58d88d1440ba336418ed85e5b55d619a4a02ea01ea305cc1f6ed395bcd42b2b6 |
| jss-javadoc-4.2.6-35.el6.s390x.rpm | SHA-256: 9aec97ddd412570346cc5c3d7805178de460d520a67a658f3621f79d31dd8a84 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.