Novell Home

Security Update 5

Novell Cool Solutions: Feature

Digg This - Slashdot This

Posted: 4 Aug 2004
 

Security Update 5 (secupd5.tgz) was posted July 2004, replacing Security Updates 1 through 4. This file contains fixes in NILE, NTLS, and PKI, which have been delivered through many Novell products. For complete details, see TID 2969286.

Although Security Update 5 contains the security vulnerability fixes from the previous security updates, Security Update 5 DOES NOT contain any additional new security vulnerability fixes. Security Update 5 contains additional bug fixes to the PKI product (See resolved issues section for details). These bug fixes were only made in the latest version of the PKI product. If you are running a version older than eDirectory 8.7.1, and have already installed a previous Security Update patch, you do not need to install this patch as no additional changes have been made to the previous version of PKI.

Requirements

NICI 2.6.4 must be installed before applying this patch. For specific platform instructions, go to the individual product directories:

  • NetWare: ./nw/install.txt
  • Windows: ./nt/install.txt
  • Unix: ./unix/readme.txt
Security Update 5 Issues Resolved in PKI
  • Server abends with a SMP server running NTLS 1.6 and 1.8
  • OCSP request needs to include the optional Service Locater extension
  • iChain failed to work with Verisign Certificate as non-exportable
  • Certificate was not created in the second replica server in 65sp2
  • swlist shows wrong descriptions for NOVLpkis, NOVLpkit and NOVLpkia
  • Need to handle multiple names in a CRL Distribution Poi
  • nt
  • Add code to set the RequestorName field in an OCSP request
  • The X509Advanced method fails authentication with a 1642 error on the client
Security Update 1, 2, 3 and 4 Issues Resolved

All versions of eDirectory up to and including 8.7.3 on all platforms are affected by the OpenSSL vulnerabilities. This patch includes previously released updates for eDirectory for all platforms that corrects the known issues.

All versions of iManager up to and including 2.0.2 on all platforms are affected by the OpenSSL vulnerabilities. This patch includes previously released updates for iManager 2.0.2 for all platforms that corrects the known issues.

For information on the Security Vulnerability issues resolved in previous versions of the Security Update patch, please see TID 10087450, titled "NISCC vulnerability advisory on SSL (secure sockets layer) and TLS (transport)."

Note: If eDirectory and iManager are on the same server, you only need to apply this patch once for both products.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell