- Issued:
- 2010-01-20
- Updated:
- 2010-03-30
RHBA-2010:0055 - hmaccalc bug fix update
Synopsis
hmaccalc bug fix update
Type/Severity
Bug Fix Advisory (none)
Topic
An updated hmaccalc package that fixes a self-test bug related to binary prelinking is now available.
Description
The hmaccalc package contains tools to calculate HMAC (Hash-based Message Authentication Code) values for files. The names and interfaces were designed to mimic those of the sha1sum, sha256sum, sha384sum and sha512sum tools provided by the coreutils package.
This updated hmaccalc package fixes the following bug:
- each time one of the tools in the hmaccalc package is used, it performs a self-test by comparing the checksum of its own binary with the value which was computed when the binary package was built. However, if an hmaccalc binary had been prelinked using the "prelink" command, and that command was not located in one of the directories listed in the PATH environment variable, then that binary would be unable to use the prelink tool to verify the checksum against an unmodified copy of itself. This update contains a backported fix that allows hmaccalc to remember the location of the prelink command that was available at build time, and to be able to use it if necessary.
Note that this fix is required in order to build the Linux kernel with FIPS-compliance (Federal Information Processing Standards) enabled. (BZ#512275)
All users of hmaccalc are advised to upgrade to this updated package, which resolves this issue.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- hmaccalc-0.9.6-3.el5.src.rpm
- hmaccalc-0.9.6-3.el5.x86_64.rpm
- hmaccalc-0.9.6-3.el5.s390x.rpm
- hmaccalc-0.9.6-3.el5.ia64.rpm
- hmaccalc-0.9.6-3.el5.ppc.rpm
- hmaccalc-0.9.6-3.el5.i386.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.