Back to bug 1378277
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Fraser Tweedale | 2016-09-22 02:41:52 UTC | Target Release | --- | 7.3 |
| Matthew Harmsen | 2016-09-22 16:53:35 UTC | Target Release | 7.3 | --- |
| CC | mharmsen | |||
| Matthew Harmsen | 2016-09-22 16:53:53 UTC | Keywords | ZStream | |
| Matthew Harmsen | 2016-09-26 16:17:59 UTC | Status | NEW | POST |
| Nathan Kinder | 2016-10-20 23:47:09 UTC | CC | nkinder | |
| Ann Marie Rubin | 2016-10-21 15:01:28 UTC | CC | arubin | |
| Eugene Keck | 2016-10-31 15:54:20 UTC | Priority | unspecified | urgent |
| CC | ekeck | |||
| Hardware | Unspecified | All | ||
| OS | Unspecified | Linux | ||
| Severity | unspecified | urgent | ||
| Tom Lavigne | 2016-10-31 17:04:52 UTC | Blocks | 1390322 | |
| Matthew Harmsen | 2017-03-15 07:34:42 UTC | Status | POST | MODIFIED |
| Fixed In Version | pki-core-10.4.0-1.el7 | |||
| errata-xmlrpc | 2017-03-15 07:41:53 UTC | Status | MODIFIED | ON_QA |
| Geetika Kapoor | 2017-06-23 22:02:13 UTC | Status | ON_QA | VERIFIED |
| CC | gkapoor | |||
| Matthew Harmsen | 2017-07-13 00:41:26 UTC | Assignee | rhcs-maint | ftweedal |
| Fraser Tweedale | 2017-07-13 13:59:25 UTC | Doc Text | Cause: The Subject DN comparison in the routine that adds a Lightweight CA entry for the primary CA could return a false negative when the Subject DN contains attribute values with encodings other than UTF8String. Consequence: An additional Lightweight CA entry for the primary CA gets added on every startup. Fix: Compare Subject DNs in canonicalized string form. Result: Subject DNs containing attribute values with encodings other than UTF8String compare equal to the value stored in the Lightweight CA entry, preventing the addition of spurious entries. | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Marc Muehlfeld | 2017-07-21 12:49:54 UTC | CC | ftweedal | |
| Docs Contact | mmuehlfe | |||
| Doc Text | Cause: The Subject DN comparison in the routine that adds a Lightweight CA entry for the primary CA could return a false negative when the Subject DN contains attribute values with encodings other than UTF8String. Consequence: An additional Lightweight CA entry for the primary CA gets added on every startup. Fix: Compare Subject DNs in canonicalized string form. Result: Subject DNs containing attribute values with encodings other than UTF8String compare equal to the value stored in the Lightweight CA entry, preventing the addition of spurious entries. | PKI Server now correctly compares subject DNs Due to a bug in the routine that adds a Lightweight CA entry for the primary CA, PKI Server previously failed to compare subject distinguished names (DN) if it contained attributes using encodings other than "UTF8String". As a consequence, every time the primary CA started, an additional Lightweight CA entry was added. PKI Server now compares the subject DNs in canonicalized form. As a result, PKI server no longer adds additional Lightweight CA entries in the mentioned sc enario. | ||
| Flags | needinfo?(ftweedal) | |||
| Fraser Tweedale | 2017-07-24 01:44:54 UTC | Flags | needinfo?(ftweedal) | needinfo?(mmuehlfe) |
| Marc Muehlfeld | 2017-07-24 07:31:24 UTC | Doc Text | PKI Server now correctly compares subject DNs Due to a bug in the routine that adds a Lightweight CA entry for the primary CA, PKI Server previously failed to compare subject distinguished names (DN) if it contained attributes using encodings other than "UTF8String". As a consequence, every time the primary CA started, an additional Lightweight CA entry was added. PKI Server now compares the subject DNs in canonicalized form. As a result, PKI server no longer adds additional Lightweight CA entries in the mentioned sc enario. | PKI Server now correctly compares subject DNs during startup Due to a bug in the routine that adds a Lightweight CA entry for the primary CA, PKI Server previously failed to compare subject distinguished names (DN) if it contained attributes using encodings other than "UTF8String". As a consequence, every time the primary CA started, an additional Lightweight CA entry was added. PKI Server now compares the subject DNs in canonicalized form. As a result, PKI server no longer adds additional Lightweight CA entries in the mentioned scenario. |
| Flags | needinfo?(mmuehlfe) | |||
| Marc Muehlfeld | 2017-07-24 13:10:11 UTC | Doc Text | PKI Server now correctly compares subject DNs during startup Due to a bug in the routine that adds a Lightweight CA entry for the primary CA, PKI Server previously failed to compare subject distinguished names (DN) if it contained attributes using encodings other than "UTF8String". As a consequence, every time the primary CA started, an additional Lightweight CA entry was added. PKI Server now compares the subject DNs in canonicalized form. As a result, PKI server no longer adds additional Lightweight CA entries in the mentioned scenario. | PKI Server now correctly compares subject DNs during startup Due to a bug in the routine that adds a Lightweight CA entry for the primary CA, PKI Server previously failed to compare subject distinguished names (DN) if it contained attributes using encodings other than "UTF8String". As a consequence, every time the primary CA started, an additional Lightweight CA entry was added. PKI Server now compares the subject DNs in canonical form. As a result, PKI server no longer adds additional Lightweight CA entries in the mentioned scenario. |
| errata-xmlrpc | 2017-08-01 22:46:01 UTC | Status | VERIFIED | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-08-01 18:46:01 UTC | |||
| Dinesh Prasanth | 2020-10-04 21:15:10 UTC | Link ID | Github dogtagpki/pki/issues/2595 |
Back to bug 1378277