Fedora 20 Update: certmonger-0.70-1.fc20

Fri Jan 3 08:39:40 UTC 2014

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-23360
2013-12-14 01:47:35
--------------------------------------------------------------------------------

Name        : certmonger
Product     : Fedora 20
Version     : 0.70
Release     : 1.fc20
URL         : http://certmonger.fedorahosted.org
Summary     : Certificate status monitor and PKI enrollment client
Description :
Certmonger is a service which is primarily concerned with getting your
system enrolled with a certificate authority (CA) and keeping it enrolled.

--------------------------------------------------------------------------------
Update Information:

This update fixes crashes in the daemon when there are errors reading some of its data files or errors saving newly-obtained certificates to disk.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan  2 2014 Nalin Dahyabhai <nalin at redhat.com> 0.70-1
- add a --with-homedir option to configure, and use it, since subprocesses
  which we run and which use NSS may attempt to write to $HOME/.pki, and
  0.69's strategy of setting that to "/" was rightly hitting SELinux policy
  denials (#1047798)
* Fri Dec 27 2013 Daniel Mach <dmach at redhat.com> - 0.69-2
- Mass rebuild 2013-12-27
* Mon Dec  9 2013 Nalin Dahyabhai <nalin at redhat.com> 0.69-1
- tweak how we decide whether we're on the master or a minion when we're
  told to use certmaster as a CA
- clean up one of the tests so that it doesn't have to work around internal
  logging producing duplicate messages
- when logging errors while setting up to contact xmlrpc servers, explicitly
  note that the error is client-side
- don't abort() due to incorrect locking when an attempt to save an issued
  certificate to the designated location fails (part of #1032760/#1033333,
  ticket #22)
- when reading an issued certificate from an enrollment helper, ignore
  noise before or after the certificate itself (more of #1032760/1033333,
  ticket #22)
- run subprocesses in a cleaned-up environment (more of #1032760/1033333,
  ticket #22)
- clear the ca-error that we saved when we had an error talking to the CA if we
  subsequently succeed in talking to the CA
- various other static-analysis fixes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #995022 - certmonger coredumps when certificates cannot be created due to permissions
        https://bugzilla.redhat.com/show_bug.cgi?id=995022
  [ 2 ] Bug #1043017 - [abrt] certmonger-0.67-1.fc19: strcmp: Process /usr/sbin/certmonger was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=1043017
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update certmonger' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------