- 发布:
- 2014-10-13
- 已更新:
- 2014-10-13
RHBA-2014:1512 - Bug Fix Advisory
概述
certmonger bug fix and enhancement update
类型/严重性
Bug Fix Advisory
Red Hat Insights 补丁分析
识别并修复受此公告影响的系统。
标题
Updated certmonger packages that fix several bugs and add various enhancements
are now available for Red Hat Enterprise Linux 6.
描述
The certmonger service monitors certificates, warning of their impending
expiration, and optionally attempting to re-enroll with supported
Certificate Authorities (CA).
The certmonger packages have been upgraded to upstream version 0.75.13, which
provides a number of bug fixes and enhancements over the previous version
including:
- support for retrieving an IPA server's root certificate and optionally
storing it to specified locations
- improvements in how the certmonger daemon handles disconnection from
the system message bus
- improvements in how the certmonger daemon runs enrollment helpers and parses
results returned by them
- fixed bug causing unexpected termination if an attempt to save a certificate
failed
- fixed incorrect use of the libdbus library that triggered the _dbus_abort()
function
- fixed segmentation fault with incorrectly structured entries in the
/var/lib/certmonger/cas/ directory
(BZ#1098208, BZ#948993, BZ#1032760, BZ#1103090, BZ#1115831)
This update also fixes the following bugs:
- This update fixes the implementation of the remove_known_ca dbus call in the
certmonger package to prevent the certmonger daemon from terminating
unexpectedly when called by remove_known_ca. (BZ#1125342)
In addition, this update adds the following enhancements:
- This update adds the certmonger_selinux manual page to document the effect
that
SELinux has in limiting the allowed access to locations for the certmonger
daemon. Also, the selinux.txt document has been added to the certmonger
package to provide more details about interaction with SELinux. A reference to
certmonger_selinux and selinux.txt has been added to other certmonger man pages.
(BZ#1027265)
Users of certmonger are advised to upgrade to these updated packages, which fix
these bugs and add these enhancements.
解决方案
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
受影响的产品
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support 6 x86_64
修复
- BZ - 948993 - certmonger failing after IPA uninstall and reinstall
- BZ - 1027265 - Certmonger man pages need a note about SELinux
- BZ - 1032760 - Certmonger crashes when trying to decode certificate with invalid data in header
- BZ - 1098208 - Rebase certmonger to include the ability to add IPA CA cert to NSS database (and files)
- BZ - 1103090 - certmonger coredumps -- dbus related
- BZ - 1118468 - [RFE] Add the ability to poll on FETCH_ROOT
- BZ - 1125342 - Support remove_known_ca dbus call
- BZ - 1126985 - ipa-submit helper fails if ldap_url is not present in default.conf
- BZ - 1129537 - CA not saved to specified nss db location
- BZ - 1129696 - start-tracking does not saves the CA cert to specified file location
CVE
(none)
参考
(none)
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
x86_64 | |
certmonger-0.75.13-1.el6.x86_64.rpm | SHA-256: 4a0e728e88657770ee55f03071575d89d0786f42728e051c942fb8026cedeb72 |
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm | SHA-256: 58a72373e9a26dbbeebf205dd1ddbe0818f27be3d0c23a562ccbe2d9b6e64316 |
i386 | |
certmonger-0.75.13-1.el6.i686.rpm | SHA-256: c406a811f7dfeb36b1c5ddc03cda95cb4293320532529ea6504df35eb3029303 |
certmonger-debuginfo-0.75.13-1.el6.i686.rpm | SHA-256: 108d2e26fdf1cd145af0bfc02b82473ec07f40e429866e72e722dfcc3ff7db38 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
x86_64 | |
certmonger-0.75.13-1.el6.x86_64.rpm | SHA-256: 4a0e728e88657770ee55f03071575d89d0786f42728e051c942fb8026cedeb72 |
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm | SHA-256: 58a72373e9a26dbbeebf205dd1ddbe0818f27be3d0c23a562ccbe2d9b6e64316 |
i386 | |
certmonger-0.75.13-1.el6.i686.rpm | SHA-256: c406a811f7dfeb36b1c5ddc03cda95cb4293320532529ea6504df35eb3029303 |
certmonger-debuginfo-0.75.13-1.el6.i686.rpm | SHA-256: 108d2e26fdf1cd145af0bfc02b82473ec07f40e429866e72e722dfcc3ff7db38 |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
x86_64 | |
certmonger-0.75.13-1.el6.x86_64.rpm | SHA-256: 4a0e728e88657770ee55f03071575d89d0786f42728e051c942fb8026cedeb72 |
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm | SHA-256: 58a72373e9a26dbbeebf205dd1ddbe0818f27be3d0c23a562ccbe2d9b6e64316 |
i386 | |
certmonger-0.75.13-1.el6.i686.rpm | SHA-256: c406a811f7dfeb36b1c5ddc03cda95cb4293320532529ea6504df35eb3029303 |
certmonger-debuginfo-0.75.13-1.el6.i686.rpm | SHA-256: 108d2e26fdf1cd145af0bfc02b82473ec07f40e429866e72e722dfcc3ff7db38 |
Red Hat Enterprise Linux Desktop 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
x86_64 | |
certmonger-0.75.13-1.el6.x86_64.rpm | SHA-256: 4a0e728e88657770ee55f03071575d89d0786f42728e051c942fb8026cedeb72 |
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm | SHA-256: 58a72373e9a26dbbeebf205dd1ddbe0818f27be3d0c23a562ccbe2d9b6e64316 |
i386 | |
certmonger-0.75.13-1.el6.i686.rpm | SHA-256: c406a811f7dfeb36b1c5ddc03cda95cb4293320532529ea6504df35eb3029303 |
certmonger-debuginfo-0.75.13-1.el6.i686.rpm | SHA-256: 108d2e26fdf1cd145af0bfc02b82473ec07f40e429866e72e722dfcc3ff7db38 |
Red Hat Enterprise Linux for IBM z Systems 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
s390x | |
certmonger-0.75.13-1.el6.s390x.rpm | SHA-256: 6befea78224c577e3f9915bb64eb2ed85b3a0b34fa8d66772dcbb31c46e11f71 |
certmonger-debuginfo-0.75.13-1.el6.s390x.rpm | SHA-256: d3cbe6cb76a9a830c7a75d5acf641df7f0f0318157d3f4eca161906c0aa61821 |
Red Hat Enterprise Linux for Power, big endian 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
ppc64 | |
certmonger-0.75.13-1.el6.ppc64.rpm | SHA-256: 50207d6081f7a963cb29fc2ec1e0fd548d9e8650ee8994170fe473c6676092ba |
certmonger-debuginfo-0.75.13-1.el6.ppc64.rpm | SHA-256: 479f8d4df69599ecf10a908538d1d66e3f1ceb7124dac42e19f6b166a212b05c |
Red Hat Enterprise Linux for Scientific Computing 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
x86_64 | |
certmonger-0.75.13-1.el6.x86_64.rpm | SHA-256: 4a0e728e88657770ee55f03071575d89d0786f42728e051c942fb8026cedeb72 |
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm | SHA-256: 58a72373e9a26dbbeebf205dd1ddbe0818f27be3d0c23a562ccbe2d9b6e64316 |
Red Hat Enterprise Linux Server from RHUI 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
x86_64 | |
certmonger-0.75.13-1.el6.x86_64.rpm | SHA-256: 4a0e728e88657770ee55f03071575d89d0786f42728e051c942fb8026cedeb72 |
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm | SHA-256: 58a72373e9a26dbbeebf205dd1ddbe0818f27be3d0c23a562ccbe2d9b6e64316 |
i386 | |
certmonger-0.75.13-1.el6.i686.rpm | SHA-256: c406a811f7dfeb36b1c5ddc03cda95cb4293320532529ea6504df35eb3029303 |
certmonger-debuginfo-0.75.13-1.el6.i686.rpm | SHA-256: 108d2e26fdf1cd145af0bfc02b82473ec07f40e429866e72e722dfcc3ff7db38 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
s390x | |
certmonger-0.75.13-1.el6.s390x.rpm | SHA-256: 6befea78224c577e3f9915bb64eb2ed85b3a0b34fa8d66772dcbb31c46e11f71 |
certmonger-debuginfo-0.75.13-1.el6.s390x.rpm | SHA-256: d3cbe6cb76a9a830c7a75d5acf641df7f0f0318157d3f4eca161906c0aa61821 |
Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support 6
SRPM | |
---|---|
certmonger-0.75.13-1.el6.src.rpm | SHA-256: 2a956b9747cf2dc5b61d9743ddb5a234c2af2daf5da7db0b7c8d3421bd8e954b |
x86_64 | |
certmonger-0.75.13-1.el6.x86_64.rpm | SHA-256: 4a0e728e88657770ee55f03071575d89d0786f42728e051c942fb8026cedeb72 |
certmonger-debuginfo-0.75.13-1.el6.x86_64.rpm | SHA-256: 58a72373e9a26dbbeebf205dd1ddbe0818f27be3d0c23a562ccbe2d9b6e64316 |
Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/。