Bug Fix Advisory m2crypto bug fix and enhancement update

Advisory: RHBA-2008:0041-3
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2008-05-21
Last updated on: 2008-05-21
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
OVAL: N/A

Details

Updated m2crypto packages that fix a bug and add an enhancement are now
available.


m2crypto is a python wrapper for OpenSSL. It makes it possible to call
OpenSSL function from Python scripts.

These updated packages address the following bug:

* SSL connections failed when attempted through some HTML/1.1 proxies.

These new packages also add the following enhancement:

* m2crypto now supports single certificates with multiple host names in the
subjectAltName and commonName fields.

Users are advised to upgrade to these updated m2crypto packages, which
resolve this issue and add this capability.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188



Updated packages

Red Hat Enterprise Linux (v. 5 server)
SRPMS:
m2crypto-0.16-6.el5.2.src.rpm     36924dd6b027c95d4b19b565159862bb
 
IA-32:
m2crypto-0.16-6.el5.2.i386.rpm     99c3a3e85ce86e1647761441ca836c19
 
IA-64:
m2crypto-0.16-6.el5.2.ia64.rpm     7d592f58bb56d38eb8ec9d5e20f1e9c8
 
PPC:
m2crypto-0.16-6.el5.2.ppc.rpm     a600f06e514d6c73e46cbac77d0e2366
 
s390x:
m2crypto-0.16-6.el5.2.s390x.rpm     4372aeabb866631915f5eeae154ab24b
 
x86_64:
m2crypto-0.16-6.el5.2.x86_64.rpm     46686029778c8c74e366fa24ee8e6cd3
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
m2crypto-0.16-6.el5.2.src.rpm     36924dd6b027c95d4b19b565159862bb
 
IA-32:
m2crypto-0.16-6.el5.2.i386.rpm     99c3a3e85ce86e1647761441ca836c19
 
x86_64:
m2crypto-0.16-6.el5.2.x86_64.rpm     46686029778c8c74e366fa24ee8e6cd3
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

239034 - RHN yum plugin sending malformed HTTP/1.1 header to proxy server preventing updates
363591 - m2crypto in RHEL5 does not support multiple names on the same certificate


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/