-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-16883 2011-12-10 18:45:44 --------------------------------------------------------------------------------
Name : certmonger Product : Fedora 16 Version : 0.52 Release : 1.fc16 URL : http://certmonger.fedorahosted.org Summary : Certificate status monitor and PKI enrollment client Description : Certmonger is a service which is primarily concerned with getting your system enrolled with a certificate authority (CA) and keeping it enrolled. -------------------------------------------------------------------------------- Update Information: This update incorporates a fix to continue being compatible with newer versions of IPA and collects assorted other fixes. -------------------------------------------------------------------------------- ChangeLog: * Fri Dec 16 2011 Nalin Dahyabhai <[email protected]> 0.52-1 - note that SELinux usually confines us to writing only to cert_t in doc/getting-started.txt (#765599) - fix crashes when we add a request during our first run when we're populating the hard-coded CA list - properly deal with cases where a path is passed to us is "./XXX" - in session mode, create our data directories as we go * Tue Dec 6 2011 Nalin Dahyabhai <[email protected]> 0.51-1 - api: lift restrictions on characters used in request and CA nicknames by making their object names not incorporate their nicknames - api: add find_request_by_nickname and find_ca_by_nickname - certmonger-ipa-submit.8: list -k, -K, -t in the summary, document -K - getcert: print "invalid option" error messages ourselves (#756291) - ipa-submit: supply a Referer: header when submitting requests to IPA (#750617, needed for #747710) * Fri Oct 14 2011 Nalin Dahyabhai <[email protected]> 0.50-1 - really fix these this time: - getcert: error out when "list -c" finds no matching CA (#743488) - getcert: error out when "list -i" finds no matching request (#743485) * Wed Oct 12 2011 Nalin Dahyabhai <[email protected]> 0.49-1 - when using an NSS database, skip loading the module database (#743042) - when using an NSS database, skip loading root certs - generate SPKAC values when generating CSRs, though we don't do anything with SPKAC values yet - internally maintain and use challenge passwords, if we have them - behave better when certificates have shorter lifetimes - add/recognize/handle notification type "none" - getcert: error out when "list -c" finds no matching CA (#743488) - getcert: error out when "list -i" finds no matching request (#743485) * Thu Sep 29 2011 Nalin Dahyabhai <[email protected]> 0.48-1 - don't incorrectly assume that CERT_ImportCerts() returns a NULL-terminated array (#742348) * Tue Sep 27 2011 Nalin Dahyabhai <[email protected]> 0.47-1 - getcert: distinguish between {stat() succeeds but isn't a directory} and {stat() failed} when printing an error message (#739903) - getcert resubmit/start-tracking: when we're looking for an existing request by ID, and we don't find one, note that specifically (#741262) * Mon Aug 29 2011 Stephen Gallagher <[email protected]> - 0.46-1.1 - Rebuild against fixed libtevent version * Mon Aug 15 2011 Nalin Dahyabhai <[email protected]> 0.46-1 - treat the ability to access keys in an NSS database without using a PIN, when we've been told we need one, as an error (#692766, really this time) -------------------------------------------------------------------------------- References: [ 1 ] Bug #756291 - RFE - Add single quote around switches when help text for switch usage is displayed https://bugzilla.redhat.com/show_bug.cgi?id=756291 [ 2 ] Bug #750617 - certmonger: Requires client-side changes for server-side fixes (due to CVE-2011-3636) [rhel-6.2] https://bugzilla.redhat.com/show_bug.cgi?id=750617 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update certmonger' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
