Skip to navigation

Bug Fix Advisory certmonger bug fix update

Advisory: RHBA-2011:1842-2
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2011-12-20
Last updated on: 2011-12-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

An updated certmonger package that fixes one bug is now available for Red Hat
Enterprise Linux 5.

[Updated 20 December 2011]
This advisory has been updated with the correct product name (that is, Red Hat
Enterprise Linux 5) in the Details section. The package included in this revised
update has not been changed in any way from the package included in the original
advisory.

The certmonger service monitors certificates, warning of their impending
expiration, and optionally attempting to re-enroll with supported CAs
(Certificate Authorities).

This update fixes the following bug:

* The RHSA-2011-1533 security advisory, which fixed a security vulnerability in
the IPA (Identity, Policy and Audit) web-based service, caused incompatibility
with older versions of certmonger. As a consequence, certmonger was unable to
correctly submit enrollment requests to IPA's CA. With this update, certmonger
has been modified and it now operates correctly with newer versions of IPA.
Interoperability with older versions of IPA remains unaffected. (BZ#767573)

All users of certmonger are advised to upgrade to this updated package, which
fixes this bug.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
certmonger-0.42-1.el5_7.2.src.rpm
File outdated by:  RHBA-2012:0245
    MD5: 5ed3387fe92d6d57bab6e9473624b3ca
SHA-256: d3ee99adfd272552a45515cbd73217d73bed577be3bb3797620266c55fd9ac90
 
IA-32:
certmonger-0.42-1.el5_7.2.i386.rpm
File outdated by:  RHBA-2012:0245
    MD5: 46b4e7938ca9c5ef32539d7383721d72
SHA-256: e95037ab029ac8d012d7b1d58c2c9e5843b0521192e4ac9bf5acc4dfdcb4970c
 
IA-64:
certmonger-0.42-1.el5_7.2.ia64.rpm
File outdated by:  RHBA-2012:0245
    MD5: e9e5c028a6b102045a1fc42e58b4c637
SHA-256: 0cae608f3018df81375af11f8dace1f3db0f81656a63edcc77ca47432f6b4455
 
PPC:
certmonger-0.42-1.el5_7.2.ppc.rpm
File outdated by:  RHBA-2012:0245
    MD5: 4606c0e57eeac61bcef9b549f3e46451
SHA-256: 0ea1a2c291945c165c3722a84752b94ca75771894d32f67da722b84d18b49c83
 
s390x:
certmonger-0.42-1.el5_7.2.s390x.rpm
File outdated by:  RHBA-2012:0245
    MD5: 0df4e1276968bdb493e85421c39c2cd0
SHA-256: a7a5e173035c4407732452747239965fa3e0d8abd88d795b5bb71e38a4a31aa7
 
x86_64:
certmonger-0.42-1.el5_7.2.x86_64.rpm
File outdated by:  RHBA-2012:0245
    MD5: 66663d27290f5e343529c80b30662909
SHA-256: 047e84603b5dc1b2a036a3beb0d3338f68ec2a1560b849105db397d43dae22ce
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
certmonger-0.42-1.el5_7.2.src.rpm
File outdated by:  RHBA-2012:0245
    MD5: 5ed3387fe92d6d57bab6e9473624b3ca
SHA-256: d3ee99adfd272552a45515cbd73217d73bed577be3bb3797620266c55fd9ac90
 
IA-32:
certmonger-0.42-1.el5_7.2.i386.rpm
File outdated by:  RHBA-2012:0245
    MD5: 46b4e7938ca9c5ef32539d7383721d72
SHA-256: e95037ab029ac8d012d7b1d58c2c9e5843b0521192e4ac9bf5acc4dfdcb4970c
 
x86_64:
certmonger-0.42-1.el5_7.2.x86_64.rpm
File outdated by:  RHBA-2012:0245
    MD5: 66663d27290f5e343529c80b30662909
SHA-256: 047e84603b5dc1b2a036a3beb0d3338f68ec2a1560b849105db397d43dae22ce
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

767573 - certmonger: Requires client-side changes for server-side fixes (due to CVE-2011-3636) [rhel-5.7.z]


Keywords

csrf, ipa, referrer


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/