[El-errata] ELBA-2016-2881 Oracle Linux 7 pki-core bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Dec 6 18:53:42 PST 2016
Oracle Linux Bug Fix Advisory ELBA-2016-2881
http://linux.oracle.com/errata/ELBA-2016-2881.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
pki-base-10.3.3-14.el7_3.noarch.rpm
pki-base-java-10.3.3-14.el7_3.noarch.rpm
pki-ca-10.3.3-14.el7_3.noarch.rpm
pki-javadoc-10.3.3-14.el7_3.noarch.rpm
pki-kra-10.3.3-14.el7_3.noarch.rpm
pki-server-10.3.3-14.el7_3.noarch.rpm
pki-symkey-10.3.3-14.el7_3.x86_64.rpm
pki-tools-10.3.3-14.el7_3.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/pki-core-10.3.3-14.el7_3.src.rpm
Description of changes:
[10.3.3-14]
- Marked the following RHCS 9.1.z bug:
Bugzilla Bug #1382862 - TPS token enrollment fails to setupSecureChannel
when TPS and TKS security db is on fips mode. (jmagne)
as a duplicate of RHEL 7.3.z bug:
Bugzilla Bug #1389757 - Problems with FIPS mode (edewata)
and moved the patch from the RHCS 9.1.z bug to the RHEL 7.3.z bug.
[10.3.3-13]
- ## RHEL 7.3.z Batch Update 1
- Bugzilla Bug #1389757 - Problems with FIPS mode (edewata)
(added KRA key recovery via CLI in FIPS mode)
- ## RHCS 9.1.z Batch Update 1
- Reverted patches associated with
Bugzilla Bug #1386257 - Changes to target.agent.approve.list parameter is
not reflected in the TPS Web UI (edewata)
[10.3.3-12]
- ## RHEL 7.3.z Batch Update 1
- Bugzilla Bug #1390318 - CA EE: Submit caUserCert request without uid does
not show proper error message (alee)
- Bugzilla Bug #1390319 - Failed to start pki-tomcatd Service
("ipa-cacert-manage renew" failed?) (edewata)
- Bugzilla Bug #1390320 - pkispawn fails as it is not able to find
openssl as
a dependency package (mharmsen)
- Bugzilla Bug #1390321 - two-step externally-signed CA installation
fails due
to missing AuthorityID (ftweedal)
- Bugzilla Bug #1390322 - Spurious host authority entries created (ftweedal)
- Bugzilla Bug #1390324 - KRA installation failed against
externally-signed CA
with partial certificate chain (edewata)
- Bugzilla Bug #1389757 - Problems with FIPS mode (edewata)
- Bugzilla Bug #1390311 - Fix packaging duplicates of classes in
multiple jar
files (edewata)
- Bugzilla Bug #1390325 - Typo in comment line of
UserPwdDirAuthentication.java
(edewata)
- ## RHCS 9.1.z Batch Update 1
- Bugzilla Bug #1248553 - TPS Enrollment always goes to "ca1" (cfu)
- Bugzilla Bug #1274096 - [BUG] Add ability to disallow TPS to enroll a
single user on multiple tokens. (jmagne)
- Bugzilla Bug #1379379 - Unable to read an encrypted email using renewed
tokens (jmagne)
- Bugzilla Bug #1379749 - Automatic recovery of encryption cert is not
working
when a token is physically damaged and a temporary token is issued
(jmagne)
- Bugzilla Bug #1381375 - Cert/Key recovery is successful when the cert
serial
number and key id on the ldap user mismatches
- Bugzilla Bug #1381635 - Token format with external reg fails when
op.format.externalRegAddToToken.revokeCert=true (cfu)
- Bugzilla Bug #1382762 - PIN_RESET policy is not giving expected
results when
set on a token (jmagne)
- Bugzilla Bug #1382862 - TPS token enrollment fails to setupSecureChannel
when TPS and TKS security db is on fips mode. (jmagne)
- Bugzilla Bug #1386257 - Changes to target.agent.approve.list parameter is
not reflected in the TPS Web UI (edewata)
[10.3.3-11]
- PKI TRAC Ticket #1527 - TPS Enrollment always goes to "ca1" (cfu)
- PKI TRAC Ticket #1664 - [BUG] Add ability to disallow TPS to enroll a
single
user on multiple tokens. (jmagne)
- PKI TRAC Ticket #2478 - pkispawn fails as it is not able to find
openssl as a
dependency package (mharmsen)
- PKI TRAC Ticket #2483 - Unable to read an encrypted email using renewed
tokens (jmagne)
- PKI TRAC Ticket #2496 - Cert/Key recovery is successful when the cert
serial
number and key id on the ldap user mismatches (cfu)
- PKI TRAC Ticket #2505 - Fix packaging duplicates of classes in
multiple jar
files (edewata)
More information about the El-errata
mailing list