diff --git a/SOURCES/0001-Bug-1992337-Double-issuance-of-non-CA-subsystem-cert.patch b/SOURCES/0001-Bug-1992337-Double-issuance-of-non-CA-subsystem-cert.patch new file mode 100644 index 0000000..f0ec3e0 --- /dev/null +++ b/SOURCES/0001-Bug-1992337-Double-issuance-of-non-CA-subsystem-cert.patch @@ -0,0 +1,30 @@ +From 63cf2895f5d5a37bb09f3e889b8584b0bb0dce06 Mon Sep 17 00:00:00 2001 +From: Christina Fu +Date: Wed, 11 Aug 2021 09:19:59 -0700 +Subject: [PATCH] Bug 1992337 - Double issuance of non-CA subsystem certs at + installation + +This patch removes an extra profile.submit() call that was accidentally left +off during manual cherry-picking of another bug (1905374): +commit 8e78a2b912e7c3bd015e4da1f1630d0f35145104 (HEAD -> DOGTAG_10_5_BRANCH, origin/DOGTAG_10_5_BRANCH) + +fixes https://bugzilla.redhat.com/show_bug.cgi?id=1905374 +--- + .../main/java/com/netscape/cms/servlet/cert/CertProcessor.java | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java b/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java +index a5626d032..849d6b368 100644 +--- a/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java ++++ b/base/ca/src/main/java/com/netscape/cms/servlet/cert/CertProcessor.java +@@ -250,7 +250,6 @@ public class CertProcessor extends CAProcessor { + + logger.info("CertProcessor: Submitting certificate request to " + profile.getId() + " profile"); + +- profile.submit(authToken, req); + profile.submit(authToken, req, explicitApprovalRequired); + + req.setRequestStatus(RequestStatus.COMPLETE); +-- +2.31.1 + diff --git a/SPECS/pki-core.spec b/SPECS/pki-core.spec index 680e3b6..0664616 100644 --- a/SPECS/pki-core.spec +++ b/SPECS/pki-core.spec @@ -13,7 +13,7 @@ License: GPLv2 and LGPLv2 # For development (i.e. unsupported) releases, use x.y.z-0.n.. # For official (i.e. supported) releases, use x.y.z-r where r >=1. Version: 10.11.0 -Release: 1%{?_timestamp}%{?_commit_id}%{?dist} +Release: 2%{?_timestamp}%{?_commit_id}%{?dist} #global _phase -alpha1 # To create a tarball from a version tag: @@ -30,6 +30,7 @@ Source: https://github.com/dogtagpki/pki/archive/v%{version}%{?_phase}/pki-%{ver # \ # > pki-VERSION-RELEASE.patch # Patch: pki-VERSION-RELEASE.patch +Patch1: 0001-Bug-1992337-Double-issuance-of-non-CA-subsystem-cert.patch # md2man isn't available on i686. Additionally, we aren't generally multi-lib # compatible (https://fedoraproject.org/wiki/Packaging:Java) @@ -1361,6 +1362,9 @@ fi ################################################################################ %changelog +* Thu Aug 12 2021 Red Hat PKI Team 10.11.0-2 +- Bug 1992337 - Double issuance of non-CA subsystem certs at installation + * Mon Jul 26 2021 Red Hat PKI Team 10.11.0-1 - Rebase to PKI 10.11.0