Issued:: 2010-01-27
Updated:: 2010-03-30

RHBA-2010:0066 - esc bug fix update

Synopsis

esc bug fix update

Type/Severity

Bug Fix Advisory (none)

Topic

An updated esc package that fixes various bugs is now available.

Description

The esc package contains the Smart Card Manager tool, which allows users to manage security smart cards. The primary function of the tool is to enroll smart cards, so that they can be used for common cryptographic operations, such as secure email and website access.

This updated esc package includes fixes for the following bugs:

The Enterprise Security Client incorrectly identified CAC cards as CoolKey cards and mistakenly opened the Phone Home connection dialog. With this update, CoolKey correctly identifies CAC cards and assigns the correct functionality to them. With this fix, it is still possible to view certificates and diagnostics for CAC cards, though the management functions are now disabled. RHBA-2010:9263, a CoolKey update, must also be installed to fully resolve this issue. (BZ#467011)
The Enterprise Security Client did not open the Phone Home connection dialog when a blank token was inserted. (BZ#514053)
Removing a smart card when the Enterprise Security Client was open could cause the Enterprise Security Client to terminate abnormally. With this update, removing smart cards should no longer cause the Enterprise Security Client to crash. (BZ#517414)
When creating a password for the Enterprise Security Client, using certain characters, such as the dollar sign and exclamation point, could cause a failure to enroll when entering the password later. This update fixes this problem so that using such symbols when creating passwords does not fail when attempting to enroll. (BZ#549540)
When the Enterprise Security Client was using an external user interface for enrollment and the UI page could not be downloaded because of a disconnected network or similar problem, then the user could neither enroll nor was made aware of the source of the problem. With this update, when such a situation occurs, a descriptive error message is sent to the user. (BZ#549542)
Inserting a CAC card into the computer causes the Enterprise Security Client to display an enabled "Enroll" button to the user erroneously because all management functions should be disabled for CAC cards. With this update, when a CAC card is entered, all management functions are disabled, including the "Enroll" function. (BZ#553661)

All users of the Enterprise Security Client are advised to upgrade to this updated package, which resolves these issues.

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Product	Version	Arch
Red Hat Enterprise Linux for Power, big endian	5	ppc
Red Hat Enterprise Linux Workstation	5	x86_64
Red Hat Enterprise Linux Workstation	5	i386
Red Hat Enterprise Linux Server	5	x86_64
Red Hat Enterprise Linux Server	5	ia64
Red Hat Enterprise Linux Server	5	i386
Red Hat Enterprise Linux Server from RHUI	5	x86_64
Red Hat Enterprise Linux Server from RHUI	5	i386
Red Hat Enterprise Linux Desktop	5	x86_64
Red Hat Enterprise Linux Desktop	5	i386

Updated Packages

esc-1.1.0-11.el5.x86_64.rpm
esc-1.1.0-11.el5.src.rpm
esc-1.1.0-11.el5.i386.rpm
esc-1.1.0-11.el5.ppc.rpm
esc-1.1.0-11.el5.ia64.rpm

Fixes

CVEs

(none)

References

(none)

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.