Rapid7 Vulnerability & Exploit Database

CESA-2003:268: New up2date available with updated SSL certificate authority file

Back to Search

CESA-2003:268: New up2date available with updated SSL certificate authority file

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
08/29/2003
Created
07/25/2018
Added
03/12/2010
Modified
07/04/2017

Description

New versions of the up2date and rhn_register clients are available and are required for continued access to CentOS Network.

The rhn_register and up2date packages contain the software necessary to take advantage of CentOS Network functionality. This erratum includes an updated RHNS-CA-CERT file, which contains a new CA certificate. This new certificate is needed so that up2date can continue to communicate with CentOS Network after 28 August 2003. Without this updated certificate, users will see SSL Connection Errors reported by up2date or rhn_register. All users must upgrade to these erratum packages in order to continue to use CentOS Network. This includes both interactive use of up2date, as well as actions scheduled by the RHN website.

Solution(s)

  • centos-upgrade-up2date
  • centos-upgrade-up2date-gnome

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;