Fedora 15 Update: pki-core-9.0.10-1.fc15
updates at fedoraproject.org
updates at fedoraproject.org
Wed Aug 3 02:32:26 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-9707
2011-07-26 02:56:39
--------------------------------------------------------------------------------
Name : pki-core
Product : Fedora 15
Version : 9.0.10
Release : 1.fc15
URL : http://pki.fedoraproject.org/
Summary : Certificate System - PKI Core Components
Description :
==================================
|| ABOUT "CERTIFICATE SYSTEM" ||
==================================
Certificate System (CS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.
PKI Core contains fundamental packages required by Certificate System,
and consists of the following components:
* pki-setup
* pki-symkey
* pki-native-tools
* pki-util
* pki-util-javadoc
* pki-java-tools
* pki-java-tools-javadoc
* pki-common
* pki-common-javadoc
* pki-selinux
* pki-ca
* pki-silent
which comprise the following PKI subsystems:
* Certificate Authority (CA)
For deployment purposes, Certificate System requires ONE AND ONLY ONE
of the following "Mutually-Exclusive" PKI Theme packages:
* ipa-pki-theme (IPA deployments)
* dogtag-pki-theme (Dogtag Certificate System deployments)
* redhat-pki-theme (Red Hat Certificate System deployments)
--------------------------------------------------------------------------------
Update Information:
'pki-setup'
'pki-symkey'
'pki-native-tools'
'pki-util'
Bugzilla Bug #719007 - Key Constraint keyParameter being ignored
using an ECC CA to generate ECC certs from CRMF. (jmagne)
Bugzilla Bug #716307 - rhcs80 - DER shall not include an encoding
for any component value which is equal to its default value (alee)
'pki-java-tools'
'pki-common'
Bugzilla Bug #720510 - Console: Adding a certificate into nethsm
throws Token not found error. (jmagne)
Bugzilla Bug #719007 - Key Constraint keyParameter being ignored
using an ECC CA to generate ECC certs from CRMF. (jmagne)
Bugzilla Bug #716307 - rhcs80 - DER shall not include an encoding
for any component value which is equal to its default value (alee)
Bugzilla Bug #722989 - Registering an agent when a subsystem is
created - does not log AUTHZ_SUCCESS event. (alee)
'pki-selinux'
'pki-ca'
Bugzilla Bug #719113 - Add client usage flag to caIPAserviceCert
(awnuk)
'pki-silent'
Updated release of 'jss'
Updated release of 'tomcatjss' for Fedora 15
'pki-setup'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser
(jdennis)
Bugzilla Bug #694569 - parameter used by pkiremove not updated (alee)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-symkey'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-native-tools'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #717765 - TPS configuration: logging into security domain
from tps does not work with clientauth=want. (alee)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-util'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-java-tools'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #532548 - Tool to do DRM re-key (mharmsen)
Bugzilla Bug #532548 - Tool to do DRM re-key (config file and record
processing) (mharmsen)
Bugzilla Bug #532548 - Tool to do DRM re-key (tweaks) (mharmsen)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-common'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #695403 - Editing signedaudit or transaction, system
logs throws 'Invalid protocol' for OCSP subsystems (alee)
Bugzilla Bug #694569 - parameter used by pkiremove not updated (alee)
Bugzilla Bug #695015 - Serial No. of a revoked certificate is not
populated in the CA signedAudit messages (alee)
Bugzilla Bug #694143 - CA Agent not returning specified request (awnuk)
Bugzilla Bug #695015 - Serial No. of a revoked certificate is not
populated in the CA signedAudit messages (jmagne)
Bugzilla Bug #698885 - Race conditions during IPA installation (alee)
Bugzilla Bug #704792 - CC_LAB_EVAL: CA agent interface:
SubjectID=$Unidentified$ fails audit evaluation (jmagne)
Bugzilla Bug #705914 - SCEP mishandles nicknames when processing
subsequent SCEP requests. (awnuk)
Bugzilla Bug #661142 - Verification should fail when a revoked
certificate is added. (jmagne)
Bugzilla Bug #707416 - CC_LAB_EVAL: Security Domain: missing audit msgs
for modify/add (alee)
Bugzilla Bug #707416 - additional audit messages for GetCookie (alee)
Bugzilla Bug #707607 - Published certificate summary has list of
non-published certificates with succeeded status (jmagne)
Bugzilla Bug #717813 - EV_AUDIT_LOG_SHUTDOWN audit log not generated
for tps and ca on server shutdown (jmagne)
Bugzilla Bug #697939 - DRM signed audit log message - operation should
be read instead of modify (jmagne)
Bugzilla Bug #718427 - When audit log is full, server continue to
function. (alee)
Bugzilla Bug #718607 - CC_LAB_EVAL: No AUTH message is generated in
CA's signedaudit log when a directory based user enrollment is
performed (jmagne)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-selinux'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #720503 - RA and TPS require additional SELinux
permissions to run in "Enforcing" mode (alee)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-ca'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser
(jdennis)
Bugzilla Bug #699837 - service command is not fully backwards
compatible with Dogtag pki subsystems (mharmsen)
Bugzilla Bug #649910 - Console: an auditor or agent can be added to an
administrator group. (jmagne)
Bugzilla Bug #707416 - CC_LAB_EVAL: Security Domain: missing audit msgs
for modify/add (alee)
Bugzilla Bug #716269 - make ra authenticated profiles non-visible on ee
pages (alee)
Bugzilla Bug #718621 - CC_LAB_EVAL: PRIVATE_KEY_ARCHIVE_REQUEST occurs
for a revocation invoked by EE user (awnuk)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
'pki-silent'
Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 22 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.10-1
- 'pki-setup'
- 'pki-symkey'
- 'pki-native-tools'
- 'pki-util'
- Bugzilla Bug #719007 - Key Constraint keyParameter being ignored
using an ECC CA to generate ECC certs from CRMF. (jmagne)
- Bugzilla Bug #716307 - rhcs80 - DER shall not include an encoding
for any component value which is equal to its default value (alee)
- 'pki-java-tools'
- 'pki-common'
- Bugzilla Bug #720510 - Console: Adding a certificate into nethsm
throws Token not found error. (jmagne)
- Bugzilla Bug #719007 - Key Constraint keyParameter being ignored
using an ECC CA to generate ECC certs from CRMF. (jmagne)
- Bugzilla Bug #716307 - rhcs80 - DER shall not include an encoding
for any component value which is equal to its default value (alee)
- Bugzilla Bug #722989 - Registering an agent when a subsystem is
created - does not log AUTHZ_SUCCESS event. (alee)
- 'pki-selinux'
- 'pki-ca'
- Bugzilla Bug #719113 - Add client usage flag to caIPAserviceCert
(awnuk)
- 'pki-silent'
* Thu Jul 14 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.9-1
- Updated release of 'jss'
- Updated release of 'tomcatjss' for Fedora 15
- 'pki-setup'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser
(jdennis)
- Bugzilla Bug #694569 - parameter used by pkiremove not updated (alee)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-symkey'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-native-tools'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #717765 - TPS configuration: logging into security domain
from tps does not work with clientauth=want. (alee)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-util'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-java-tools'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #532548 - Tool to do DRM re-key (mharmsen)
- Bugzilla Bug #532548 - Tool to do DRM re-key (config file and record
processing) (mharmsen)
- Bugzilla Bug #532548 - Tool to do DRM re-key (tweaks) (mharmsen)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-common'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #695403 - Editing signedaudit or transaction, system
logs throws 'Invalid protocol' for OCSP subsystems (alee)
- Bugzilla Bug #694569 - parameter used by pkiremove not updated (alee)
- Bugzilla Bug #695015 - Serial No. of a revoked certificate is not
populated in the CA signedAudit messages (alee)
- Bugzilla Bug #694143 - CA Agent not returning specified request (awnuk)
- Bugzilla Bug #695015 - Serial No. of a revoked certificate is not
populated in the CA signedAudit messages (jmagne)
- Bugzilla Bug #698885 - Race conditions during IPA installation (alee)
- Bugzilla Bug #704792 - CC_LAB_EVAL: CA agent interface:
SubjectID=$Unidentified$ fails audit evaluation (jmagne)
- Bugzilla Bug #705914 - SCEP mishandles nicknames when processing
subsequent SCEP requests. (awnuk)
- Bugzilla Bug #661142 - Verification should fail when a revoked
certificate is added. (jmagne)
- Bugzilla Bug #707416 - CC_LAB_EVAL: Security Domain: missing audit msgs
for modify/add (alee)
- Bugzilla Bug #707416 - additional audit messages for GetCookie (alee)
- Bugzilla Bug #707607 - Published certificate summary has list of
non-published certificates with succeeded status (jmagne)
- Bugzilla Bug #717813 - EV_AUDIT_LOG_SHUTDOWN audit log not generated
for tps and ca on server shutdown (jmagne)
- Bugzilla Bug #697939 - DRM signed audit log message - operation should
be read instead of modify (jmagne)
- Bugzilla Bug #718427 - When audit log is full, server continue to
function. (alee)
- Bugzilla Bug #718607 - CC_LAB_EVAL: No AUTH message is generated in
CA's signedaudit log when a directory based user enrollment is
performed (jmagne)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-selinux'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #720503 - RA and TPS require additional SELinux
permissions to run in "Enforcing" mode (alee)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-ca'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #693815 - /var/log/tomcat6/catalina.out owned by pkiuser
(jdennis)
- Bugzilla Bug #699837 - service command is not fully backwards
compatible with Dogtag pki subsystems (mharmsen)
- Bugzilla Bug #649910 - Console: an auditor or agent can be added to an
administrator group. (jmagne)
- Bugzilla Bug #707416 - CC_LAB_EVAL: Security Domain: missing audit msgs
for modify/add (alee)
- Bugzilla Bug #716269 - make ra authenticated profiles non-visible on ee
pages (alee)
- Bugzilla Bug #718621 - CC_LAB_EVAL: PRIVATE_KEY_ARCHIVE_REQUEST occurs
for a revocation invoked by EE user (awnuk)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
- 'pki-silent'
- Bugzilla Bug #695157 - Auditverify on TPS audit log throws error.
(mharmsen)
- Bugzilla Bug #669226 - Remove Legacy Build System (mharmsen)
* Wed May 25 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.8-2
- 'pki-setup'
- 'pki-symkey'
- 'pki-native-tools'
- 'pki-util'
- 'pki-java-tools'
- Added 'DRMTool.cfg' configuration file to inventory
- 'pki-common'
- 'pki-selinux'
- 'pki-ca'
- 'pki-silent'
* Wed May 25 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.8-1
- 'pki-setup'
- 'pki-symkey'
- 'pki-native-tools'
- 'pki-util'
- 'pki-java-tools'
- Bugzilla Bug #532548 - Tool to do DRM re-key
- 'pki-common'
- 'pki-selinux'
- 'pki-ca'
- 'pki-silent'
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update pki-core' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list