openCryptoki
185
* systems with NUMA nodes which were not ordered contiguously caused numactl to return incorrect
and therefore invalid NUMA data. With this update, numactl shows correct and valid data for systems
with NUMA nodes which are discontiguous in addition to those which are contiguous. (
BZ#491689
1539
)
* the "numactl" command possesses an '-H' short option that corresponds to the long option, '--
hardware', which is used to show the inventory of available nodes on the system. However, numactl
did not recognize the short '-H' option. With this update, numactl now recognizes the '-H' option, which
once again has the same affect as '--hardware'. (
BZ#502241
1540
)
All users of numactl are advised to upgrade to these updated packages, which resolve these issues.
1.137. openCryptoki
1.137.1. RHBA-2009:1685: bug fix update
Note
This update has already been released (prior to the GA of this release) as errata
RHBA-2009:1685
1541
Updated openCryptoki packages that resolve several issues are now available.
The openCryptoki package contains version 2.11 of the PKCS#11 API, implemented for IBM
Cryptocards. This package includes support for the IBM 4758 Cryptographic CoProcessor (with the
PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer
System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), the IBM CP Assist for
Cryptographic Function (FC 3863 on IBM System z).
These updated openCryptoki packages provide fixes for the following bugs:
* after initializing a hardware cryptographic token, attempting to unwrap an AES key failed and caused
openCryptoki to return a "CKR_TEMPLATE_INCOMPLETE" error code. With this update, AES key
unwrapping now succeeds as expected. (
BZ#540471
1542
)
* the openCryptoki API enables programs to offload the computation of the message authentication
code (MAC) to the Central Processor Assist for Cryptographic Function (CPACF) of cryptographic
hardware. When using PKCS#11 for the acceleration of cryptographic instructions, openCryptoki
returned an error code of "411", indicating that the MAC was unable to be verified. With this update,
the MAC is now computed successfully after being offloaded to the CPACF. (
BZ#540474
1543
)
* openCryptoki was not properly recognizing that secure-key crypto support was installed, and so the
"CCA" token was not being enabled for use. (
BZ#545379
1544
)
All users of openCryptoki are advised to upgrade to these updated packages, which resolve these
issues.
1539
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=491689
1540
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=502241
1542
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=540471
1543
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=540474
1544
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=545379
Содержание ENTERPRISE LINUX 5.5 - S 2010
Страница 10: ...x ...
Страница 308: ...298 ...
Страница 310: ...300 ...
Страница 468: ...458 ...
Страница 470: ...460 ...