768058 – ipa-client: Requires client-side changes for server-side fixes (due to CVE-2011-3636) [rhel-5.7.z]

Bug 768058 - ipa-client: Requires client-side changes for server-side fixes (due to CVE-2011-3636) [rhel-5.7.z]

Summary: ipa-client: Requires client-side changes for server-side fixes (due to CVE-20...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	ipa-client
Sub Component:
Version:	5.8
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Rob Crittenden
QA Contact:	IDM QE LIST
Docs Contact:
URL:
Whiteboard:
Depends On:	752226
Blocks:
TreeView+	depends on / blocked

Reported:	2011-12-15 16:30 UTC by RHEL Program Management
Modified:	2011-12-20 08:16 UTC (History)
CC List:	10 users (show)
Fixed In Version:	ipa-client-2.0-14.el5_7.2
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-12-20 08:16:08 UTC
Target Upstream Version:
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:1841	0	normal	SHIPPED_LIVE	ipa-client bug fix update	2011-12-20 13:15:17 UTC

Description RHEL Program Management 2011-12-15 16:30:03 UTC

This bug has been copied from bug #752226 and has been proposed
to be backported to 5.7 z-stream (EUS).

Comment 4 Rob Crittenden 2011-12-15 16:58:43 UTC

Rebased and applied patch from upstream.

Comment 6 Namita Soman 2011-12-16 15:35:11 UTC

Verified using ipa-client-2.0-14.el5_7.2

First installed client using ipa-client-2.0-14.el5_7.1, and got the error -  Missing or invalid HTTP Referer, missing.

Then upgraded to ipa-client-2.0-14.el5_7.2, and was able to install successfully.

Since 5.7 doesn't have ipa-admintools, not verifying the error by running cmd:
ipa user-show <user>

Comment 7 errata-xmlrpc 2011-12-20 08:16:08 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1841.html

Note You need to log in before you can comment on or make changes to this bug.