 |
|
|
|
||||||||||||||||||||||||||||||||||||||
DetailsAn updated rhpki-ra package that fixes one security issue is now available The Red Hat registration authority is an optional Red Hat Certificate SolutionUsers running Red Hat Certificate System on Red Hat Enterprise Linux:
Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 Users running Red Hat Certificate System on Sun Solaris: An updated Solaris package, in .pkg format, is available in the Red Hat Certificate System Solaris channel on the Red Hat Network. Use native Solaris package management tools to install or upgrade this package. After applying the updated package on both Linux and Solaris, copy the op.cgi file to the corresponding instance locations, for example: # cp /usr/share/rhpki/ra/docroot/agent/request/op.cgi /var/lib/rhpki-ra/docroot/agent/request/op.cgi For detailed installation instructions, see the "Installation and Configuration" section of the Red Hat Certificate System 7.3 Administration Guide: http://redhat.com/docs/manuals/cert-system/7.3/html/Administration_Guide/ Updated packages
Bugs fixed (see bugzilla for more information)488706 - CVE-2009-0588 rhpki-ra: improper authorization checks in Cerificate System's Registration Authority References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0588
http://www.redhat.com/security/updates/classification/#moderate These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: https://www.redhat.com/security/team/key/#package The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/ |
||||||||||||||||||||||||||||||||||||||||
Moderate: rhpki-ra security update