ipa-4.4.0-14.6.0.1.el7.AXS7
エラータID: AXSA:2017-1334:03
リリース日:
2017/03/06 Monday - 10:31
題名:
ipa-4.4.0-14.6.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- ipa の IDM の ca-del、ca-disable、ca-enable コマンドが Dogtag
の認証局を編集中にユーザのパーミッションを適切にチェックしておらず,
認証された攻撃者が認証局を削除,無効化、有効化することで
証明書の発行,OCSP の署名,秘密鍵の削除を引き起こすさまざまな
サービス拒否の問題を引き起こす脆弱性があります。(CVE-2017-2590)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2017-2590
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys.
追加情報:
N/A
ダウンロード:
SRPMS
- ipa-4.4.0-14.6.0.1.el7.AXS7.src.rpm
MD5: 40d1ed2434b9425ce02ea5de35b6a3de
SHA-256: 9df99c54e2db3b17aa0255c045dd6aeaf34903ec6bc8973b8371fd3eaa65fbe1
Size: 6.84 MB
Asianux Server 7 for x86_64
- ipa-admintools-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: 20813da63329158cda48ee77cc742d00
SHA-256: 59f2c1b451b7c33729a2f52f99c24b2e0c4b697d01ee0b01fe94fe9391288e7e
Size: 121.74 kB - ipa-client-4.4.0-14.6.0.1.el7.AXS7.x86_64.rpm
MD5: 2a93fac25d3a34ec91ace837c69347e1
SHA-256: 57ed280018d8e5fc9ccaad500f4b963d09f64480f4a769ffb09a26d5d1184851
Size: 228.92 kB - ipa-client-common-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: cab54abdcfbe9c5023a77bbd401696b7
SHA-256: 186765a08da0e20e28d926018bd2a7dce77edb020d254b96cc67e57fe06db909
Size: 122.54 kB - ipa-common-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: 181bb8171110d4f37bf11f6fef809415
SHA-256: c7bee554966d7b8a81125f2717bfe47ade772c5f704d85be3c9170865fdfb2c2
Size: 440.24 kB - ipa-server-4.4.0-14.6.0.1.el7.AXS7.x86_64.rpm
MD5: a71ed557f10e074d35c653a9490805bd
SHA-256: 6ed473cdb75e528943034b53cd480c7ee4b75757be8fabfd91b4cd008665dfb8
Size: 436.02 kB - ipa-server-common-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: 35e102ad4d07f050fe466de11db15d77
SHA-256: 46026a89f645865918b1fafbda5d0fe5b6f00f803cb2356f647e2d26cb7e90fa
Size: 620.79 kB - ipa-server-dns-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: 5f36cf7237073fe3cd5231b385d15e7a
SHA-256: 588fae04c7764d643dd6c926aefefc73e6b029c6a4ee23ed1caea8c1ac991979
Size: 120.57 kB - ipa-server-trust-ad-4.4.0-14.6.0.1.el7.AXS7.x86_64.rpm
MD5: b499acfd62c5050c337cd4269eba6939
SHA-256: 8f54c898175216b0ab96a066b29034ca8488da8982bce0be2d9b1a4f27195c24
Size: 204.47 kB - python2-ipaclient-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: 449a854e0ba14bfbc403f5aa082db350
SHA-256: 89cc2a54fbcd8accca33118f59d205c5ef0a725b5cab6f982ed1c0f880fcceb2
Size: 538.68 kB - python2-ipalib-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: e7a9c0f39193bb7af501569e017dd3dd
SHA-256: 0798e86b7648ffe5e0b64872890e22c785ad4619d3b919027ac51a70a18e884d
Size: 653.15 kB - python2-ipaserver-4.4.0-14.6.0.1.el7.AXS7.noarch.rpm
MD5: 83c72e0d13cd13d973f43e823f4be18d
SHA-256: 1fe29a0db4d6d0ba9d483f9b750ad54fbf3defa4bd7207133d89a6dc03e8faa7
Size: 1.27 MB