ELSA-2015-1462

ELSA-2015-1462 - ipa security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2015-07-28

Description


[3.0.0-47.el6]
- Resolves: #1220788 - Some IPA schema files are not RFC 4512 compliant

[3.0.0-46.el6]
- Use tls version range in NSSHTTPS initialization
- Resolves: #1154687 - POODLE: force using safe ciphers (non-SSLv3) in IPA
client and server
- Resolves: #1012224 - host certificate not issued to client during
ipa-client-install

[3.0.0-45.el6]
- Resolves: #1205660 - ipa-client rpm should require keyutils

[3.0.0-44.el6]
- Release 3.0.0-44
- Resolves: #1201454 - ipa breaks sshd config

[3.0.0-43.el6]
- Release 3.0.0-43
- Resolves: #1191040 - ipa-client-automount: failing with error LDAP server
returned UNWILLING_TO_PERFORM. This likely means that
minssf is enabled.
- Resolves: #1185207 - ipa-client dont end new line character in
/etc/nsswitch.conf
- Resolves: #1166241 - CVE-2010-5312 CVE-2012-6662 ipa: various flaws
- Resolves: #1161722 - IDM client registration failure in a high load
environment
- Resolves: #1154687 - POODLE: force using safe ciphers (non-SSLv3) in IPA
client and server
- Resolves: #1146870 - ipa-client-install fails with 'KerbTransport instance
has no attribute '__conn'' traceback
- Resolves: #1132261 - ipa-client-install failing produces a traceback
instead of useful error message
- Resolves: #1131571 - Do not allow IdM server/replica/client installation
in a FIPS-140 mode
- Resolves: #1198160 - /usr/sbin/ipa-server-install --uninstall does not
clean /var/lib/ipa/pki-ca
- Resolves: #1198339 - ipa-client-install adds extra sss to sudoers in
nsswitch.conf
- Require: 389-ds-base >= 1.2.11.15-51
- Require: mod_nss >= 1.0.10
- Require: pki-ca >= 9.0.3-40
- Require: python-nss >= 0.16


Related CVEs


CVE-2010-5312
CVE-2012-6662

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) ipa-3.0.0-47.el6.src.rpm27b9b004c22fba78bdf1a6f96a966916ELBA-2017-0781
ipa-admintools-3.0.0-47.el6.i686.rpm5c5edff045f2ddab81fefe81f504ca28ELBA-2017-0781
ipa-client-3.0.0-47.el6.i686.rpm60e54f0fb42cebd5cd401edaa8759a2bELBA-2017-0781
ipa-python-3.0.0-47.el6.i686.rpmf723a13f22fc48c5fc849f206064ba38ELBA-2017-0781
ipa-server-3.0.0-47.el6.i686.rpme4354412bf525efb7a35006a4aa9f88bELBA-2017-0781
ipa-server-selinux-3.0.0-47.el6.i686.rpm4fe9ec50f0a789d3dbe621d08384742fELBA-2017-0781
ipa-server-trust-ad-3.0.0-47.el6.i686.rpmf203f9e04d6234787021dfa33d9c63b2ELBA-2017-0781
Oracle Linux 6 (x86_64) ipa-3.0.0-47.el6.src.rpm27b9b004c22fba78bdf1a6f96a966916ELBA-2017-0781
ipa-admintools-3.0.0-47.el6.x86_64.rpm36fe5e8005eeb5bce8754eec210f1d85ELBA-2017-0781
ipa-client-3.0.0-47.el6.x86_64.rpmedd4037a52d32066262480c1ad1645b2ELBA-2017-0781
ipa-python-3.0.0-47.el6.x86_64.rpm29c314f01d41965382523436322b7cabELBA-2017-0781
ipa-server-3.0.0-47.el6.x86_64.rpmb0ad25921428f39002211da382e7ad0fELBA-2017-0781
ipa-server-selinux-3.0.0-47.el6.x86_64.rpm866deb5b19ae31537ca4e268b6726a98ELBA-2017-0781
ipa-server-trust-ad-3.0.0-47.el6.x86_64.rpm052f71a6d678bcfffd60e9158ed9d3cfELBA-2017-0781



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete