Skip to navigation

Security Advisory Important: ipa security update

Advisory: RHSA-2013:0188-1
Type: Security Advisory
Severity: Important
Issued on: 2013-01-23
Last updated on: 2013-01-23
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.3.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-5484

Details

Updated ipa packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Red Hat Identity Management is a centralized authentication, identity
management and authorization solution for both traditional and cloud-based
enterprise environments.

A weakness was found in the way IPA clients communicated with IPA servers
when initially attempting to join IPA domains. As there was no secure way
to provide the IPA server's Certificate Authority (CA) certificate to the
client during a join, the IPA client enrollment process was susceptible to
man-in-the-middle attacks. This flaw could allow an attacker to obtain
access to the IPA server using the credentials provided by an IPA client,
including administrative access to the entire domain if the join was
performed using an administrator's credentials. (CVE-2012-5484)

Note: This weakness was only exposed during the initial client join to the
realm, because the IPA client did not yet have the CA certificate of the
server. Once an IPA client has joined the realm and has obtained the CA
certificate of the IPA server, all further communication is secure. If a
client were using the OTP (one-time password) method to join to the realm,
an attacker could only obtain unprivileged access to the server (enough to
only join the realm).

Red Hat would like to thank Petr Menšík for reporting this issue.

This update must be installed on both the IPA client and IPA server. When
this update has been applied to the client but not the server,
ipa-client-install, in unattended mode, will fail if you do not have the
correct CA certificate locally, noting that you must use the "--force"
option to insecurely obtain the certificate. In interactive mode, the
certificate will try to be obtained securely from LDAP. If this fails, you
will be prompted to insecurely download the certificate via HTTP. In the
same situation when using OTP, LDAP will not be queried and you will be
prompted to insecurely download the certificate via HTTP.

Users of ipa are advised to upgrade to these updated packages, which
correct this issue. After installing the update, changes in LDAP are
handled by ipa-ldap-updater automatically and are effective immediately.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
ipa-2.2.0-17.el6_3.1.src.rpm
File outdated by:  RHBA-2013:1651
    MD5: 62c2821291c2c0129b1ccb7d1a539798
SHA-256: 4850bdd7bbe6f3d8e0947a46c7bc3c32f08d211399a5de31f1e78956126ebf33
 
IA-32:
ipa-admintools-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 6dd6e08112344b25588617d4442e7892
SHA-256: 17dac6ccca3e0defc3c336906d540bbb750e86b93bbb2f2c292917165a2afa09
ipa-client-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 4cd6ee6b234ecf156d3571453d4bc646
SHA-256: 4d1562aa86483c05c878341866525df5e15bc00b4a0a04cd50a24755cfb2b5b0
ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: bbf97e0afe5fecd7af9acfbe38e0ec79
SHA-256: de6bb4cb0f0ec33512980923d034c038d8e9b28002e2668de5647a018c8764bb
ipa-python-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 67f1abd3d7c8bd3f94a5d7dea3cd55eb
SHA-256: 1cd07f542ae6b67f47d981df0c5932e333e55da15ab02b8669680c79b857244a
ipa-server-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0f9dbe1bf1855da107f70fb055ae16f4
SHA-256: aa80f3a6825326d9a5006515f4e6439da1bdc19e800283ac1bf999871b8fc607
ipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: f3731c3e893354c98e5a480b3f79e512
SHA-256: 6c400065cffcef3e999fc687773d011ae0a1791989cbe52f94082da095c54c8c
 
x86_64:
ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 349ea979166edc2446f2e5d20fe4dab8
SHA-256: 1f6aec546490c58f0a9dfdd9af8af6a25cd25265ce57aa2d09beb45d644b64d2
ipa-client-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0dcf47055ef49ae56c07c79668a6cfd8
SHA-256: 81b486e84fa6119cd3a5e52c5163e573e15ce04793c05d54cdf416f5bc5e29cc
ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0377e3c0652e3e485170f9eb19677748
SHA-256: a512ea8692c2650a118340adf746974d8326036e1eaceb327fbfd2fb3c019fbd
ipa-python-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: dda21067b5664a057e6a5508f785bbdc
SHA-256: 248dfa3cdc09d7b708cdde2556887cfe3c943d1e031cf01135691b3cb662ded1
ipa-server-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: b54ad0f64741d0408730df69a7fabc00
SHA-256: fdd849deea6ca4b45ea1c8ecc5c6824bf8886f192a37c7c6b432c64ee4b9b528
ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 24ddec29f33af71906a576d70c3accef
SHA-256: 22b12e800056192913f9f7af096542f53383821703ef05d7bd0ab4fb81cbeeec
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
ipa-2.2.0-17.el6_3.1.src.rpm
File outdated by:  RHBA-2013:1651
    MD5: 62c2821291c2c0129b1ccb7d1a539798
SHA-256: 4850bdd7bbe6f3d8e0947a46c7bc3c32f08d211399a5de31f1e78956126ebf33
 
x86_64:
ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 349ea979166edc2446f2e5d20fe4dab8
SHA-256: 1f6aec546490c58f0a9dfdd9af8af6a25cd25265ce57aa2d09beb45d644b64d2
ipa-client-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0dcf47055ef49ae56c07c79668a6cfd8
SHA-256: 81b486e84fa6119cd3a5e52c5163e573e15ce04793c05d54cdf416f5bc5e29cc
ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0377e3c0652e3e485170f9eb19677748
SHA-256: a512ea8692c2650a118340adf746974d8326036e1eaceb327fbfd2fb3c019fbd
ipa-python-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: dda21067b5664a057e6a5508f785bbdc
SHA-256: 248dfa3cdc09d7b708cdde2556887cfe3c943d1e031cf01135691b3cb662ded1
ipa-server-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: b54ad0f64741d0408730df69a7fabc00
SHA-256: fdd849deea6ca4b45ea1c8ecc5c6824bf8886f192a37c7c6b432c64ee4b9b528
ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 24ddec29f33af71906a576d70c3accef
SHA-256: 22b12e800056192913f9f7af096542f53383821703ef05d7bd0ab4fb81cbeeec
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
ipa-2.2.0-17.el6_3.1.src.rpm
File outdated by:  RHBA-2013:1651
    MD5: 62c2821291c2c0129b1ccb7d1a539798
SHA-256: 4850bdd7bbe6f3d8e0947a46c7bc3c32f08d211399a5de31f1e78956126ebf33
 
IA-32:
ipa-admintools-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 6dd6e08112344b25588617d4442e7892
SHA-256: 17dac6ccca3e0defc3c336906d540bbb750e86b93bbb2f2c292917165a2afa09
ipa-client-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 4cd6ee6b234ecf156d3571453d4bc646
SHA-256: 4d1562aa86483c05c878341866525df5e15bc00b4a0a04cd50a24755cfb2b5b0
ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: bbf97e0afe5fecd7af9acfbe38e0ec79
SHA-256: de6bb4cb0f0ec33512980923d034c038d8e9b28002e2668de5647a018c8764bb
ipa-python-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 67f1abd3d7c8bd3f94a5d7dea3cd55eb
SHA-256: 1cd07f542ae6b67f47d981df0c5932e333e55da15ab02b8669680c79b857244a
ipa-server-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0f9dbe1bf1855da107f70fb055ae16f4
SHA-256: aa80f3a6825326d9a5006515f4e6439da1bdc19e800283ac1bf999871b8fc607
ipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: f3731c3e893354c98e5a480b3f79e512
SHA-256: 6c400065cffcef3e999fc687773d011ae0a1791989cbe52f94082da095c54c8c
 
PPC:
ipa-admintools-2.2.0-17.el6_3.1.ppc64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 5b942762f281c750f293298e6ff4b900
SHA-256: 463d20f655bff5df008b571711be9102948d0dffe3e2d4b0081ca80c1c37c752
ipa-client-2.2.0-17.el6_3.1.ppc64.rpm
File outdated by:  RHBA-2013:1651
    MD5: bcc90865f84c48bef4aad66b3e3ac01e
SHA-256: 542e150a91acf72d4e5a8a7cadce9adabe8150afa385e21c8ec3df9a6635b0d8
ipa-debuginfo-2.2.0-17.el6_3.1.ppc64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 074d0e50c97c93360b7abef3f4589f55
SHA-256: e1b4d59867743eac9df8e035de0d999240ddcb9ee35de9dc27885c7895d02a24
ipa-python-2.2.0-17.el6_3.1.ppc64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 4208f32e728e69a54aa1e27b6802247c
SHA-256: f116b9f145f62bcd925537b0724d31222f9d50c2b4058c1efcc5ea839b9376ac
 
s390x:
ipa-admintools-2.2.0-17.el6_3.1.s390x.rpm
File outdated by:  RHBA-2013:1651
    MD5: 27d8f6e8642d9c6f6e77e32a6d5c847d
SHA-256: dddd21939133aa5c1aed3e6404a29238962b624d506c069bd8fff65e241b69ce
ipa-client-2.2.0-17.el6_3.1.s390x.rpm
File outdated by:  RHBA-2013:1651
    MD5: 4874e52c146916fb7950b34217ab71a0
SHA-256: a75b0ec00aab7a6de1d833d4fae410577bddc8e03f2def9614c5e239a8819daa
ipa-debuginfo-2.2.0-17.el6_3.1.s390x.rpm
File outdated by:  RHBA-2013:1651
    MD5: 8eccb1724b4c6091129433ece81e2dc2
SHA-256: 29f11f6c0449ad7d16dfbd517bf047dfe5fc7bb3a03cdf57d0134e42ce496aa7
ipa-python-2.2.0-17.el6_3.1.s390x.rpm
File outdated by:  RHBA-2013:1651
    MD5: 53231ebdd8207fdb0d9f70ca41c922a3
SHA-256: 4b0676f0477cd3ab5348bae454284a590a29e94c0f86a76c8ca3548d8090d11c
 
x86_64:
ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 349ea979166edc2446f2e5d20fe4dab8
SHA-256: 1f6aec546490c58f0a9dfdd9af8af6a25cd25265ce57aa2d09beb45d644b64d2
ipa-client-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0dcf47055ef49ae56c07c79668a6cfd8
SHA-256: 81b486e84fa6119cd3a5e52c5163e573e15ce04793c05d54cdf416f5bc5e29cc
ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0377e3c0652e3e485170f9eb19677748
SHA-256: a512ea8692c2650a118340adf746974d8326036e1eaceb327fbfd2fb3c019fbd
ipa-python-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: dda21067b5664a057e6a5508f785bbdc
SHA-256: 248dfa3cdc09d7b708cdde2556887cfe3c943d1e031cf01135691b3cb662ded1
ipa-server-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: b54ad0f64741d0408730df69a7fabc00
SHA-256: fdd849deea6ca4b45ea1c8ecc5c6824bf8886f192a37c7c6b432c64ee4b9b528
ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 24ddec29f33af71906a576d70c3accef
SHA-256: 22b12e800056192913f9f7af096542f53383821703ef05d7bd0ab4fb81cbeeec
 
Red Hat Enterprise Linux Server EUS (v. 6.3.z)

SRPMS:
ipa-2.2.0-17.el6_3.1.src.rpm
File outdated by:  RHBA-2013:1651
    MD5: 62c2821291c2c0129b1ccb7d1a539798
SHA-256: 4850bdd7bbe6f3d8e0947a46c7bc3c32f08d211399a5de31f1e78956126ebf33
 
IA-32:
ipa-admintools-2.2.0-17.el6_3.1.i686.rpm     MD5: 6dd6e08112344b25588617d4442e7892
SHA-256: 17dac6ccca3e0defc3c336906d540bbb750e86b93bbb2f2c292917165a2afa09
ipa-client-2.2.0-17.el6_3.1.i686.rpm     MD5: 4cd6ee6b234ecf156d3571453d4bc646
SHA-256: 4d1562aa86483c05c878341866525df5e15bc00b4a0a04cd50a24755cfb2b5b0
ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm     MD5: bbf97e0afe5fecd7af9acfbe38e0ec79
SHA-256: de6bb4cb0f0ec33512980923d034c038d8e9b28002e2668de5647a018c8764bb
ipa-python-2.2.0-17.el6_3.1.i686.rpm     MD5: 67f1abd3d7c8bd3f94a5d7dea3cd55eb
SHA-256: 1cd07f542ae6b67f47d981df0c5932e333e55da15ab02b8669680c79b857244a
ipa-server-2.2.0-17.el6_3.1.i686.rpm     MD5: 0f9dbe1bf1855da107f70fb055ae16f4
SHA-256: aa80f3a6825326d9a5006515f4e6439da1bdc19e800283ac1bf999871b8fc607
ipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm     MD5: f3731c3e893354c98e5a480b3f79e512
SHA-256: 6c400065cffcef3e999fc687773d011ae0a1791989cbe52f94082da095c54c8c
 
PPC:
ipa-admintools-2.2.0-17.el6_3.1.ppc64.rpm     MD5: 5b942762f281c750f293298e6ff4b900
SHA-256: 463d20f655bff5df008b571711be9102948d0dffe3e2d4b0081ca80c1c37c752
ipa-client-2.2.0-17.el6_3.1.ppc64.rpm     MD5: bcc90865f84c48bef4aad66b3e3ac01e
SHA-256: 542e150a91acf72d4e5a8a7cadce9adabe8150afa385e21c8ec3df9a6635b0d8
ipa-debuginfo-2.2.0-17.el6_3.1.ppc64.rpm     MD5: 074d0e50c97c93360b7abef3f4589f55
SHA-256: e1b4d59867743eac9df8e035de0d999240ddcb9ee35de9dc27885c7895d02a24
ipa-python-2.2.0-17.el6_3.1.ppc64.rpm     MD5: 4208f32e728e69a54aa1e27b6802247c
SHA-256: f116b9f145f62bcd925537b0724d31222f9d50c2b4058c1efcc5ea839b9376ac
 
s390x:
ipa-admintools-2.2.0-17.el6_3.1.s390x.rpm     MD5: 27d8f6e8642d9c6f6e77e32a6d5c847d
SHA-256: dddd21939133aa5c1aed3e6404a29238962b624d506c069bd8fff65e241b69ce
ipa-client-2.2.0-17.el6_3.1.s390x.rpm     MD5: 4874e52c146916fb7950b34217ab71a0
SHA-256: a75b0ec00aab7a6de1d833d4fae410577bddc8e03f2def9614c5e239a8819daa
ipa-debuginfo-2.2.0-17.el6_3.1.s390x.rpm     MD5: 8eccb1724b4c6091129433ece81e2dc2
SHA-256: 29f11f6c0449ad7d16dfbd517bf047dfe5fc7bb3a03cdf57d0134e42ce496aa7
ipa-python-2.2.0-17.el6_3.1.s390x.rpm     MD5: 53231ebdd8207fdb0d9f70ca41c922a3
SHA-256: 4b0676f0477cd3ab5348bae454284a590a29e94c0f86a76c8ca3548d8090d11c
 
x86_64:
ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm     MD5: 349ea979166edc2446f2e5d20fe4dab8
SHA-256: 1f6aec546490c58f0a9dfdd9af8af6a25cd25265ce57aa2d09beb45d644b64d2
ipa-client-2.2.0-17.el6_3.1.x86_64.rpm     MD5: 0dcf47055ef49ae56c07c79668a6cfd8
SHA-256: 81b486e84fa6119cd3a5e52c5163e573e15ce04793c05d54cdf416f5bc5e29cc
ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm     MD5: 0377e3c0652e3e485170f9eb19677748
SHA-256: a512ea8692c2650a118340adf746974d8326036e1eaceb327fbfd2fb3c019fbd
ipa-python-2.2.0-17.el6_3.1.x86_64.rpm     MD5: dda21067b5664a057e6a5508f785bbdc
SHA-256: 248dfa3cdc09d7b708cdde2556887cfe3c943d1e031cf01135691b3cb662ded1
ipa-server-2.2.0-17.el6_3.1.x86_64.rpm     MD5: b54ad0f64741d0408730df69a7fabc00
SHA-256: fdd849deea6ca4b45ea1c8ecc5c6824bf8886f192a37c7c6b432c64ee4b9b528
ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm     MD5: 24ddec29f33af71906a576d70c3accef
SHA-256: 22b12e800056192913f9f7af096542f53383821703ef05d7bd0ab4fb81cbeeec
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
ipa-2.2.0-17.el6_3.1.src.rpm
File outdated by:  RHBA-2013:1651
    MD5: 62c2821291c2c0129b1ccb7d1a539798
SHA-256: 4850bdd7bbe6f3d8e0947a46c7bc3c32f08d211399a5de31f1e78956126ebf33
 
IA-32:
ipa-admintools-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 6dd6e08112344b25588617d4442e7892
SHA-256: 17dac6ccca3e0defc3c336906d540bbb750e86b93bbb2f2c292917165a2afa09
ipa-client-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 4cd6ee6b234ecf156d3571453d4bc646
SHA-256: 4d1562aa86483c05c878341866525df5e15bc00b4a0a04cd50a24755cfb2b5b0
ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: bbf97e0afe5fecd7af9acfbe38e0ec79
SHA-256: de6bb4cb0f0ec33512980923d034c038d8e9b28002e2668de5647a018c8764bb
ipa-python-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 67f1abd3d7c8bd3f94a5d7dea3cd55eb
SHA-256: 1cd07f542ae6b67f47d981df0c5932e333e55da15ab02b8669680c79b857244a
ipa-server-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0f9dbe1bf1855da107f70fb055ae16f4
SHA-256: aa80f3a6825326d9a5006515f4e6439da1bdc19e800283ac1bf999871b8fc607
ipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm
File outdated by:  RHBA-2013:1651
    MD5: f3731c3e893354c98e5a480b3f79e512
SHA-256: 6c400065cffcef3e999fc687773d011ae0a1791989cbe52f94082da095c54c8c
 
x86_64:
ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 349ea979166edc2446f2e5d20fe4dab8
SHA-256: 1f6aec546490c58f0a9dfdd9af8af6a25cd25265ce57aa2d09beb45d644b64d2
ipa-client-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0dcf47055ef49ae56c07c79668a6cfd8
SHA-256: 81b486e84fa6119cd3a5e52c5163e573e15ce04793c05d54cdf416f5bc5e29cc
ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 0377e3c0652e3e485170f9eb19677748
SHA-256: a512ea8692c2650a118340adf746974d8326036e1eaceb327fbfd2fb3c019fbd
ipa-python-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: dda21067b5664a057e6a5508f785bbdc
SHA-256: 248dfa3cdc09d7b708cdde2556887cfe3c943d1e031cf01135691b3cb662ded1
ipa-server-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: b54ad0f64741d0408730df69a7fabc00
SHA-256: fdd849deea6ca4b45ea1c8ecc5c6824bf8886f192a37c7c6b432c64ee4b9b528
ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm
File outdated by:  RHBA-2013:1651
    MD5: 24ddec29f33af71906a576d70c3accef
SHA-256: 22b12e800056192913f9f7af096542f53383821703ef05d7bd0ab4fb81cbeeec
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

876307 - CVE-2012-5484 ipa: weakness when initiating join from IPA client can potentially compromise IPA domain


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/