-
Mon Aug 13 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-15
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1600905 - pki console configurations that involves ldap
passwords leave the plain text password in signed audit logs
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1611245 - Certificate generation happens with partial
attributes in CMCRequest file [rhel-7.5.z] (cfu)
- Bugzilla Bug #1611250 - Better understanding of
NSS_USE_DECODED_CKA_EC_POINT for ECC [rhel-7.5.z] (cfu)
- Bugzilla Bug #1612880 - CMC Revocations throws exception with
same reqIssuer & certissuer [rhel-7.5.z] (cfu)
- Bugzilla Bug #1614837 - ipa-replica-install --setup-kra broken on
DL0 with latest version [rhel-7.5.z] (abokovoy)
- Bugzilla Bug #1614839 - CC: Enable all config audit events
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1615266 - ECC keys not supported for signing audit
logs [rhel-7.5.z] (cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1539933 - keyGen fails when only Identity
-
Mon Jul 02 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-14
- Updated "jss" build and runtime requirements (mharmsen)
- Updated "tomcatjss" build and runtime requirements (mharmsen)
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1574848 - servlet profileSubmitCMCSimple throws NPE
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1593585 - Need proper default subjectDN for CMC request
authenticated through SharedToken [rhel-7.5.z] (cfu)
- Bugzilla Bug #1594128 - CMC: Audit Events needed for failures in
SharedToken scenario's [rhel-7.5.z] (cfu)
- Bugzilla Bug #1595606 - AuditVerify failure due to line breaks
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1596525 - Address ECC profile overrides [rhel-7.5.z] (cfu)
- Bugzilla Bug #1596551 - X500Name.directoryStringEncodingOrder overridden
by CSR encoding [rhel-7.5.z] (cfu)
- Bugzilla Bug #1553068 - Using a Netmask produces an odd entry in a
certifcate [rhel-7.5.z] (ftweedal)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,
-
Sat Jun 09 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-13.1
- Rebuild due to build system database problem
-
Fri Jun 08 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-13
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1553068 - Using a Netmask produces an odd
entry in a certifcate [rhel-7.5.z] (ftweedal)
- Bugzilla Bug #1585945 - CMC CRMF requests result in
InvalidKeyFormatException when signing algorithm is ECC
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1587826 - ExternalCA: Installation failed during
csr generation with ecc [rhel-7.5.z] (rrelyea, gkapoor)
- Bugzilla Bug #1588944 - Cert validation for installation with
external CA cert [rhel-7.5.z] (edewata)
- Bugzilla Bug #1588945 - CRMFPopClient tool - should allow
option to do no key archival (cfu)
- Bugzilla Bug #1589307 - CVE-2018-1080 pki-core: Mishandled
ACL configuration in AAclAuthz.java reverses rules that allow
and deny access [rhel-7.5.z] (ftweedal, cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,
-
Tue May 22 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-12
- Updated "jss" build and runtime requirements (mharmsen)
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1571582 - [MAN] Missing Man pages for tools CMCRequest,
CMCResponse, CMCSharedToken (typos) [rhel-7.5.z] (cfu)
- Bugzilla Bug #1572548 - IPA install with external-CA is failing when
FIPS mode enabled. [rhel-7.5.z] (edewata)
- Bugzilla Bug #1574848 - servlet profileSubmitCMCSimple throws NPE
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1575521 - subsystem -> subsystem SSL handshake issue
with TLS_ECDHE_RSA_* on Thales HSM [rhel-7.5.z] (cfu)
- Bugzilla Bug #1581134 - ECC installation for non CA subsystems needs
improvement [rhel-7.5.z] (jmagne)
- Bugzilla Bug #1581135 - SAN in internal SSL server certificate in
pkispawn configuration step [rhel-7.5.z] (cfu)
- Bugzilla Bug #1581167 - CC: CMC profiles: Some CMC profiles have wrong
input class_id [rhel-7.5.z] (cfu)
- Bugzilla Bug #1581382 - ECDSA Certificates Generated by Certificate System
9.3 fail NIST validation test with parameter field. [rhel-7.5.z] (cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,
-
Mon Apr 09 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-11
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1554726 - Need ECC-specific Enrollment Profiles for
standard conformance [rhel-7.5.z] (cfu)
- Bugzilla Bug #1557880 - [MAN] Missing Man pages for tools
CMCRequest, CMCResponse, CMCSharedToken [rhel-7.5.z] (cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1560233 - libtps does not directly depend on libz
-
Fri Mar 23 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-10
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1550581 - CMCAuth throws
org.mozilla.jss.crypto.TokenException: Unable to insert certificate into
temporary database [rhel-7.5.z] (cfu)
- Bugzilla Bug #1551067 - [MAN] Add --skip-configuration
and --skip-installation into pkispawn man page. [rhel-7.5.z] (edewata)
- Bugzilla Bug #1552241 - Make sslget aware of TLSv1_2 ciphers
[rhel-7.5.z] (cheimes, mharmsen)
- Bugzilla Bug #1553068 - Using a Netmask produces an odd entry
in a certifcate [rhel-7.5.z] (ftweedal)
- Bugzilla Bug #1554726 - Need ECC-specific Enrollment Profiles for
standard conformance [rhel-7.5.z] (cfu)
- Bugzilla Bug #1554727 - Permit additional FIPS ciphers to be enabled
by default for RSA . . . [rhel-7.5.z] (mharmsen, cfu)
- Bugzilla Bug #1557880 - [MAN] Missing Man pages for tools
CMCRequest, CMCResponse, CMCSharedToken [rhel-7.5.z] (cfu)
- Bugzilla Bug #1557883 - Console: Adding ACL from pki-console gives
StringIndexOutOfBoundsException [rhel-7.5.z] (ftweedal)
- Bugzilla Bug #1558919 - Not able to generate certificate request
with ECC using pki client-cert-request [rhel-7.5.z] (akahat)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1560233 - libtps does not directly depend on libz
-
Mon Feb 19 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-9
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- # Bugzilla Bug #1473452 - Rebase pki-core to latest upstream 10.5.x release
- Bugzilla Bug #1445532 - CC: Audit Events: Update the default audit event
set (RHEL) (edewata)
- Bugzilla Bug #1532867 - Inconsistent key ID encoding (edewata)
- Bugzilla Bug #1540687 - CC: External OCSP Installation failure with HSM
and FIPS (edewata)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,
- # Bugzilla Bug #1404075 - CC: Audit Events: Update the default audit event
-
Mon Feb 12 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-8
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- # Bugzilla Bug #1473452 - Rebase pki-core to latest upstream 10.5.x release
- Bugzilla Bug #1542210 - pki console configurations that involves ldap
passwords leave the plain text password in debug logs (jmagne)
- Bugzilla Bug #1543242 - Regression in lightweight CA key replication
(ftweedal)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,
-
Mon Feb 05 2018 Dogtag Team <pki-devel@redhat.com> 10.5.1-7
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- # Bugzilla Bug #1473452 - Rebase pki-core to latest upstream 10.5.x release
- Bugzilla Bug #1445532 - CC: Audit Events: Update the default audit event
set (RHEL) (edewata)
- Bugzilla Bug #1522938 - CC: Missing faillure resumption detection and
audit event logging at startup (jmagne)
- Bugzilla Bug #1523410 - Unable to have non "pkiuser" owned CA instance
(alee)
- Bugzilla Bug #1525306 - CC: missing CMC request and response record
(cfu)
- Bugzilla Bug #1532933 - Installing subsystems with external CMC
certificates in HSM environment shows import error (edewata)
- Bugzilla Bug #1535797 - ExternalCA: Failures when installed with hsm
(edewata)
- Bugzilla Bug #1539125 - restrict default cipher suite to those ciphers
permitted in fips mode (mharmsen)
- Bugzilla Bug #1539198 - Inconsistent CERT_REQUEST_PROCESSED
outcomes. (edewata)
- Bugzilla Bug #1540440 - CMC: Audit Events needed for failures in
SharedToken scenario's (cfu)
- Bugzilla Bug #1541526 - CMC: Revocation works with an unknown
revRequest.issuer (cfu)
- Bugzilla Bug #1541853 - ProfileService: config values with
backslashes have backslashes removed (ftweedal)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,
- # Bugzilla Bug #1404075 - CC: Audit Events: Update the default audit
- # Bugzilla Bug #1501436 - TPS CS.cfg should be reflected with the