Candidate: CVE-2012-5484
PublicDate: 2013-01-27 18:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5484
 http://www.freeipa.org/page/CVE-2012-5484
Description:
 The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain
 the Certification Authority (CA) certificate from the server, which allows
 man-in-the-middle attackers to spoof a join procedure via a crafted
 certificate.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1104954
Priority: medium
Discovered-by: Petr Menšík
Assigned-to:
CVSS:

Patches_freeipa:
 upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f (pt1)
 upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a40285c5a0288669b72f9d991508d4405885bffc (pt2)
 upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=91f4af7e6af53e1c6bf17ed36cb2161863eddae4 (pt3)
 upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=a40285c5a0288669b72f9d991508d4405885bffc (pt4)
 upstream: http://git.fedorahosted.org/cgit/freeipa.git/commit/?id=18eea90ebb24a9c22248f0b7e18646cc6e3e3e0f (pt5)
upstream_freeipa: released (3.1.2)
hardy_freeipa: DNE
lucid_freeipa: DNE
oneiric_freeipa: DNE
precise_freeipa: ignored (reached end-of-life)
precise/esm_freeipa: DNE (precise was needed)
quantal_freeipa: ignored (reached end-of-life)
raring_freeipa: not-affected (3.1.2-0ubuntu1)
saucy_freeipa: not-affected (3.1.2-0ubuntu1)
trusty_freeipa: not-affected (3.1.2-0ubuntu1)
trusty/esm_freeipa: not-affected (3.1.2-0ubuntu1)
utopic_freeipa: not-affected (3.1.2-0ubuntu1)
vivid_freeipa: not-affected (3.1.2-0ubuntu1)
vivid/stable-phone-overlay_freeipa: DNE
vivid/ubuntu-core_freeipa: DNE
wily_freeipa: not-affected (3.1.2-0ubuntu1)
xenial_freeipa: not-affected (3.1.2-0ubuntu1)
yakkety_freeipa: not-affected (3.1.2-0ubuntu1)
zesty_freeipa: not-affected (3.1.2-0ubuntu1)
devel_freeipa: not-affected (3.1.2-0ubuntu1)