Fedora 12 Update: pki-ca-1.3.6-1.fc12
updates at fedoraproject.org
updates at fedoraproject.org
Fri Aug 20 01:37:04 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-12225
2010-08-06 20:37:27
--------------------------------------------------------------------------------
Name : pki-ca
Product : Fedora 12
Version : 1.3.6
Release : 1.fc12
URL : http://pki.fedoraproject.org/
Summary : Dogtag Certificate System - Certificate Authority
Description :
Dogtag Certificate System is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.
The Dogtag Certificate Authority is a required PKI subsystem which issues,
renews, revokes, and publishes certificates as well as compiling and
publishing Certificate Revocation Lists (CRLs).
The Dogtag Certificate Authority can be configured as a self-signing
Certificate Authority (CA), where it is the root CA, or it can act as a
subordinate CA, where it obtains its own signing certificate from a public CA.
--------------------------------------------------------------------------------
Update Information:
various bug fixes
--------------------------------------------------------------------------------
ChangeLog:
* Wed Aug 4 2010 Matthew Harmsen <mharmsen at redhat.com> 1.3.6-1
- Bugzilla Bug #608086 - CC: CA, OCSP, and DRM need to add more audit calls
- Bugzilla Bug #527593 - More robust signature digest alg, like SHA256
instead of SHA1 for ECC
- Bugzilla Bug #528236 - rhcs80 web conf wizard - cannot specify CA signing
algorithm
- Bugzilla Bug #533510 - tps exception, cannot start when signed audit true
- Bugzilla Bug #529280 - TPS returns HTTP data without ending in 0rn per
RFC 2616
- Bugzilla Bug #498299 - Should not be able to change the status manually
on a token marked as permanently lost or destroyed
- Bugzilla Bug #554892 - configurable frequency signed audit
- Bugzilla Bug #500700 - tps log rotation
- Bugzilla Bug #562893 - tps shutdown if audit logs full
- Bugzilla Bug #557346 - Name Constraints Extension cant be marked critical
- Bugzilla Bug #556152 - ACL changes to CA and OCSP
- Bugzilla Bug #556167 - ACL changes to CA and OCSP
- Bugzilla Bug #581004 - add more audit logging to the TPS
- Bugzilla Bug #566517 - CC: Add client auth to OCSP publishing, and move
to a client-auth port
- Bugzilla Bug #565842 - Clone config throws errors - fix key_algorithm
- Bugzilla Bug #581017 - enabling log signing from tps ui pages causes tps
crash
- Bugzilla Bug #581004 - add more audit logs
- Bugzilla Bug #595871 - CC: TKS needed audit message changes
- Bugzilla Bug #598752 - Common Criteria: TKS ACL analysis result.
- Bugzilla Bug #598666 - Common Criteria: incorrect ACLs for signedAudit
- Bugzilla Bug #504905 - Smart card renewal should load old encryption cert
on the token.
- Bugzilla Bug #499292 - TPS - Enrollments where keys are recovered need
to do both GenerateNewKey and RecoverLast operation for encryption key.
- Bugzilla Bug #498299 - fix case where no transitions available
- Bugzilla Bug #595391 - session domain table to be moved to ldap
- Bugzilla Bug #598643 - Common Criteria: incorrect ACLs (non-existing groups)
- Bugzilla Bug #472597 - Disable policy code,UI
- Bugzilla Bug #504359 - pkiconsole - Administrator Group's Description
References Fedora
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update pki-ca' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list