Bug 1371902
Summary: | Require python-jwcrypto with fix for CVE-2016-6298 | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Christian Heimes <cheimes> |
Component: | custodia | Assignee: | Christian Heimes <cheimes> |
Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.4 | CC: | dpal, ipa-maint, ksiddiqu, lmiksik, mkosek, pvoborni, rcritten, ssorce |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | 1371901 | Environment: | |
Last Closed: | 2016-11-04 02:48:26 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1371901 | ||
Bug Blocks: |
Description
Christian Heimes
2016-08-31 12:03:21 UTC
The patch is available upstream https://github.com/latchset/custodia/pull/70 Patch for FreeIPA: https://github.com/freeipa/freeipa/pull/56 # cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.3 Beta (Maipo) # rpm -qi python-jwcrypto Name : python-jwcrypto Version : 0.2.1 Release : 1.el7 Architecture: noarch Install Date: Mon 12 Sep 2016 05:30:24 PM IST Group : Unspecified Size : 166061 License : LGPLv3+ Signature : RSA/SHA256, Thu 28 Jul 2016 12:42:57 PM IST, Key ID 938a80caf21541eb Source RPM : python-jwcrypto-0.2.1-1.el7.src.rpm Build Date : Sat 02 Apr 2016 05:24:19 PM IST Build Host : ppc-021.build.eng.bos.redhat.com Relocations : (not relocatable) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> Vendor : Red Hat, Inc. URL : https://github.com/simo5/jwcrypto Summary : Implements JWK,JWS,JWE specifications using python-cryptography Description : Implements JWK,JWS,JWE specifications using python-cryptography Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-2287.html |