Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 38: 2023-6215ea423b critical: keyring-ima-signer update

fedora
Calendar Grey December 6, 2023
Dist Fedora Esm H88
Fedora 38 has introduced a Keyring-ima-signer update designed to mitigate security flaws present in the OpenSSL library.
Affected applications were rebuilt against version 0.10.60 of the the `openssl` crate (the Rust bindings for OpenSSL) to address two security advisories: - https://rustsec.org/advi...

Summary

The IMA (Integrity Measurement Architecture) is a key component of the

Linux integrity subsystem designed to ensure integrity, authenticity,

and confidentiality of systems including hardware root of trusts (TPM).

This tool allows signing of files in userspace, inclusding options of

including the signature in xattr or a .sig file, using signing keys

stored in the kernel keyring to ensure they're not recoverable.

Update Information:

Affected applications were rebuilt against version 0.10.60 of the the `openssl` crate (the Rust bindings for OpenSSL) to address two security advisories: - https://rustsec.org/advisories/RUSTSEC-2023-0044.html - https://rustsec.org/advisories/RUSTSEC-2023-0072.html

Topics%20covered

Topics Covered

security advisory Fedora OpenSSL critical security keyring signing tool

Change Log

* Fri Dec 1 2023 Fabio Valentini - 0.1.0-11 - Rebuild for openssl crate >= v0.10.60 (RUSTSEC-2023-0044, RUSTSEC-2023-0072) * Thu Jul 20 2023 Fedora Release Engineering - 0.1.0-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

References

Fedora Update Notification FEDORA-2023-6215ea423b 2023-12-06 01:45:51.746952 Name : keyring-ima-signer Product : Fedora 38 Version : 0.1.0 Release : 11.fc38 URL : https://github.com/fedora-iot/keyring-ima-signer/ Summary : An IMA file signing tool using the kernel keyring Description : The IMA (Integrity Measurement Architecture) is a key component of the Linux integrity subsystem designed to ensure integrity, authenticity, and confidentiality of systems including hardware root of trusts (TPM). This tool allows signing of files in userspace, inclusding options of including the signature in xattr or a .sig file, using signing keys stored in the kernel keyring to ensure they're not recoverable.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-6215ea423b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: keyring-ima-signer
Product: Fedora 38
Version: 0.1.0
Release: 11.fc38
URL: https://github.com/fedora-iot/keyring-ima-signer/
Summary: An IMA file signing tool using the kernel keyring

Topics%20covered

Topics Covered

security advisory Fedora OpenSSL critical security keyring signing tool

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here