Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2013-0511

Опубликовано: 22 фев. 2013
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2013-0511: pki-core security, bug fix and enhancement update (MODERATE)

[9.0.3-30]

  • Resolves #902474 - upgrading IPA from 2.2 to 3.0 sees certmonger errors

[9.0.3-29]

  • Resolves #891985 - Increase FreeIPA root CA validity

[9.0.3-28]

  • Resolves #885790 - Multiple cross-site scripting flaws by displaying CRL or processing profile

[9.0.3-27]

  • Resolves #867640 - ipa-replica-install Configuration of CA failed by REVERTING #819111 - Non-existent container breaks replication

[9.0.3-26]

  • Resolves #844459 - Increase audit cert renewal range to 2 years (mharmsen)
  • Resolves #841663 - serial number incorrectly cast from BigInt to integer in installation wizard (mharmsen)
  • Resolves #858864 - create/ identify a mechanism for clients to determine that the pki subsystem is up (alee)

[9.0.3-25]

  • Resolves #819111 - Non-existent container breaks replication

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

pki-ca

9.0.3-30.el6

pki-common

9.0.3-30.el6

pki-common-javadoc

9.0.3-30.el6

pki-java-tools

9.0.3-30.el6

pki-java-tools-javadoc

9.0.3-30.el6

pki-native-tools

9.0.3-30.el6

pki-selinux

9.0.3-30.el6

pki-setup

9.0.3-30.el6

pki-silent

9.0.3-30.el6

pki-symkey

9.0.3-30.el6

pki-util

9.0.3-30.el6

pki-util-javadoc

9.0.3-30.el6

Oracle Linux i686

pki-ca

9.0.3-30.el6

pki-common

9.0.3-30.el6

pki-common-javadoc

9.0.3-30.el6

pki-java-tools

9.0.3-30.el6

pki-java-tools-javadoc

9.0.3-30.el6

pki-native-tools

9.0.3-30.el6

pki-selinux

9.0.3-30.el6

pki-setup

9.0.3-30.el6

pki-silent

9.0.3-30.el6

pki-symkey

9.0.3-30.el6

pki-util

9.0.3-30.el6

pki-util-javadoc

9.0.3-30.el6

Связанные CVE

CVE-2012-4543

Ссылки на источники

Связанные уязвимости

redhat логотип

CVE-2012-4543

redhat
почти 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.

nvd логотип

CVE-2012-4543

nvd
почти 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.

github логотип

GHSA-3rg2-g53j-xh7w

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSize to the displayCRL script, or (3) nonce variable to the profileProcess script.