Fedora 15 Update: myproxy-5.4-1.fc15
updates at fedoraproject.org
updates at fedoraproject.org
Sun May 1 03:27:42 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-6006
2011-04-26 15:29:20
--------------------------------------------------------------------------------
Name : myproxy
Product : Fedora 15
Version : 5.4
Release : 1.fc15
URL : http://grid.ncsa.illinois.edu/myproxy/
Summary : Manage X.509 Public Key Infrastructure (PKI) security credentials
Description :
MyProxy is open source software for managing X.509 Public Key Infrastructure
(PKI) security credentials (certificates and private keys). MyProxy
combines an online credential repository with an online certificate
authority to allow users to securely obtain credentials when and where needed.
Users run myproxy-logon to authenticate and obtain credentials, including
trusted CA certificates and Certificate Revocation Lists (CRLs).
--------------------------------------------------------------------------------
Update Information:
PLEASE NOTE: The default behavior for the myproxy-server.config cert_dir option has changed in this release: http://lists.globus.org/pipermail/myproxy-user/2011-March/000231.html
Changes in this release:
* support disabling reverse DNS lookup of server hostname in MyProxy clients by setting the environment variable GLOBUS_GSSAPI_NAME_COMPATIBILITY to STRICT_RFC2818 (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=6789)
* prefer to link with libvomsapi instead of libvomsc (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7133)
* fix double-free in myproxy_install_trusted_cert_files() on write error (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7135)
* add myproxy-test -generatecerts option and remove dependency on $HOME (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7139)
* myproxy-server trustroots security improvements:
* cert_dir no longer defaults to /etc/grid-security/certificates.
* Server will ignore requests for trustroots if cert_dir is not defined.
* Server will refuse to start if the trustroots directory set using cert_dir contains any regular files that are not world-readable.
* Once started, the server will skip (i.e. will not return to client) any regular files found later to NOT have world-readable permissions.
* fix GPT dependency on globus_proxy_utils package (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=7151)
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update myproxy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list