Fedora 12 Update: pki-tps-1.3.2-1.fc12

updates at fedoraproject.org updates at fedoraproject.org
Fri Aug 20 01:29:12 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-12242
2010-08-06 20:37:58
--------------------------------------------------------------------------------

Name        : pki-tps
Product     : Fedora 12
Version     : 1.3.2
Release     : 1.fc12
URL         : http://pki.fedoraproject.org/
Summary     : Dogtag Certificate System - Token Processing System
Description :
Dogtag Certificate System is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.

The Dogtag Token Processing System is an optional PKI subsystem
that acts as a Registration Authority (RA) for authenticating and processing
enrollment requests, PIN reset requests, and formatting requests from the
Enterprise Security Client (ESC).

Dogtag Token Processing System is designed to communicate with tokens that
conform to Global Platform's Open Platform Specification.

Dogtag Token Processing System communicates over SSL with various
PKI backend subsystems (including the Dogtag Certificate Authority,
the Dogtag Data Recovery Manager, and the Dogtag Token Key Service) to
fulfill the user's requests.

Dogtag Token Processing System also interacts with the token database,
an LDAP server that stores information about individual tokens.

--------------------------------------------------------------------------------
Update Information:

various bug fixes
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug  4 2010 Matthew Harmsen <mharmsen at redhat.com> 1.3.2-1
- Bugzilla Bug #601299 - tps installation does not update security domain
- Bugzilla Bug #527593 - More robust signature digest alg, like SHA256
  instead of SHA1 for ECC
- Bugzilla Bug #528236 - rhcs80 web conf wizard - cannot specify CA signing
  algorithm
- Bugzilla Bug #533510 - tps exception, cannot start when signed audit true
- Bugzilla Bug #529280 - TPS returns HTTP data without ending in 0rn per
  RFC 2616
- Bugzilla Bug #498299 - Should not be able to change the status manually
  on a token marked as permanently lost or destroyed
- Bugzilla Bug #554892 - configurable frequency signed audit
- Bugzilla Bug #500700 - tps log rotation
- Bugzilla Bug #562893 - tps shutdown if audit logs full
- Bugzilla Bug #557346 - Name Constraints Extension cant be marked critical
- Bugzilla Bug #556152 - ACL changes to CA and OCSP
- Bugzilla Bug #556167 - ACL changes to CA and OCSP
- Bugzilla Bug #581004 - add more audit logging to the TPS
- Bugzilla Bug #566517 - CC: Add client auth to OCSP publishing, and move
  to a client-auth port
- Bugzilla Bug #565842 - Clone config throws errors - fix key_algorithm
- Bugzilla Bug #581017 - enabling log signing from tps ui pages causes tps
  crash
- Bugzilla Bug #581004 - add more audit logs
- Bugzilla Bug #595871 - CC: TKS needed audit message changes
- Bugzilla Bug #598752 - Common Criteria: TKS ACL analysis result.
- Bugzilla Bug #598666 - Common Criteria: incorrect ACLs for signedAudit
- Bugzilla Bug #504905 - Smart card renewal should load old encryption cert
  on the token.
- Bugzilla Bug #499292 - TPS - Enrollments where keys are recovered need
  to do both GenerateNewKey and RecoverLast operation for encryption key.
- Bugzilla Bug #498299 - fix case where no transitions available
- Bugzilla Bug #604186 - Common Criteria: TPS: Key Recovery needs to meet CC
  requirements
- Bugzilla Bug #604178 - Common Criteria: TPS: cert registration needs to meet
  CC requirements
- Bugzilla Bug #600968 - Common Criteria: TPS: cert registration needs to meet
  CC requirements
- Bugzilla Bug #607381 - Common Criteria: TPS: cert registration needs to meet
  CC requirements
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update pki-tps' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list