Low: ipa (SL6)

By Scientific Linux Team on March 4, 2013

Synopsis: Low: ipa security, bug fix and enhancement update
Issue Date: 2013-02-21
CVE Numbers: CVE-2012-4546

It was found that the current default configuration of IPA servers did not
publish correct CRLs (Certificate Revocation Lists). The default configuration
specifies that every replica is to generate its own CRL; however, this can
result in inconsistencies in the CRL contents provided to clients from
different Identity Management replicas. More specifically, if a certificate is
revoked on one Identity Management replica, it will not show up on another
Identity Management replica. (CVE-2012-4546)

SL6
x86_64
ipa-client-3.0.0-25.el6.x86_64.rpm
ipa-debuginfo-3.0.0-25.el6.x86_64.rpm
ipa-python-3.0.0-25.el6.x86_64.rpm
ipa-admintools-3.0.0-25.el6.x86_64.rpm
ipa-server-3.0.0-25.el6.x86_64.rpm
ipa-server-selinux-3.0.0-25.el6.x86_64.rpm
ipa-server-trust-ad-3.0.0-25.el6.x86_64.rpm
i386
ipa-client-3.0.0-25.el6.i686.rpm
ipa-debuginfo-3.0.0-25.el6.i686.rpm
ipa-python-3.0.0-25.el6.i686.rpm
ipa-admintools-3.0.0-25.el6.i686.rpm
ipa-server-3.0.0-25.el6.i686.rpm
ipa-server-selinux-3.0.0-25.el6.i686.rpm
ipa-server-trust-ad-3.0.0-25.el6.i686.rpm

The following packages were added for dependency resolution
SL6
x86_64
certmonger-0.61-3.el6.x86_64.rpm
mod_nss-1.0.8-18.el6.x86_64.rpm
nss-3.14.0.0-12.el6.i686.rpm
nss-3.14.0.0-12.el6.x86_64.rpm
nss-devel-3.14.0.0-12.el6.i686.rpm
nss-devel-3.14.0.0-12.el6.x86_64.rpm
nss-pkcs11-devel-3.14.0.0-12.el6.i686.rpm
nss-pkcs11-devel-3.14.0.0-12.el6.x86_64.rpm
nss-sysinit-3.14.0.0-12.el6.x86_64.rpm
nss-tools-3.14.0.0-12.el6.x86_64.rpm
nss-util-3.14.0.0-2.el6.i686.rpm
nss-util-3.14.0.0-2.el6.x86_64.rpm
nss-util-devel-3.14.0.0-2.el6.i686.rpm
nss-util-devel-3.14.0.0-2.el6.x86_64.rpm
policycoreutils-2.0.83-19.24.el6.x86_64.rpm
policycoreutils-gui-2.0.83-19.24.el6.x86_64.rpm
policycoreutils-newrole-2.0.83-19.24.el6.x86_64.rpm
policycoreutils-python-2.0.83-19.24.el6.x86_64.rpm
policycoreutils-sandbox-2.0.83-19.24.el6.x86_64.rpm

i386
certmonger-0.61-3.el6.i686.rpm
mod_nss-1.0.8-18.el6.i686.rpm
nss-3.14.0.0-12.el6.i686.rpm
nss-devel-3.14.0.0-12.el6.i686.rpm
nss-pkcs11-devel-3.14.0.0-12.el6.i686.rpm
nss-sysinit-3.14.0.0-12.el6.i686.rpm
nss-tools-3.14.0.0-12.el6.i686.rpm
nss-util-3.14.0.0-2.el6.i686.rpm
nss-util-devel-3.14.0.0-2.el6.i686.rpm
policycoreutils-2.0.83-19.24.el6.i686.rpm
policycoreutils-gui-2.0.83-19.24.el6.i686.rpm
policycoreutils-newrole-2.0.83-19.24.el6.i686.rpm
policycoreutils-python-2.0.83-19.24.el6.i686.rpm
policycoreutils-sandbox-2.0.83-19.24.el6.i686.rpm

– Scientific Linux Development Team