Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2015-1347

Опубликовано: 28 июл. 2015
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2015-1347: pki-core security and bug fix update (MODERATE)

[9.0.3-43]

  • Resolves #1225589 - unable to create rhel 7.1 replica from rhel 6 replica CA because subsystem user does not exist

[9.0.3-42]

  • Resolves #1221900 - pki-core: cross-site scripting flaw in the dogtag administration page (port 9180, port 9444) [rhel-6.7]

[9.0.3-41]

  • Resolves #1212557 - ipa-server-install fails when configuring CA

[9.0.3-40]

  • Resolves #1171848 - IPA - port 9443 (pki-core) is vulnerable to SSLv3 POODLE (based upon upstream changes provided by cfu and alee)

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

pki-ca

9.0.3-43.el6

pki-common

9.0.3-43.el6

pki-common-javadoc

9.0.3-43.el6

pki-java-tools

9.0.3-43.el6

pki-java-tools-javadoc

9.0.3-43.el6

pki-native-tools

9.0.3-43.el6

pki-selinux

9.0.3-43.el6

pki-setup

9.0.3-43.el6

pki-silent

9.0.3-43.el6

pki-symkey

9.0.3-43.el6

pki-util

9.0.3-43.el6

pki-util-javadoc

9.0.3-43.el6

Oracle Linux i686

pki-ca

9.0.3-43.el6

pki-common

9.0.3-43.el6

pki-common-javadoc

9.0.3-43.el6

pki-java-tools

9.0.3-43.el6

pki-java-tools-javadoc

9.0.3-43.el6

pki-native-tools

9.0.3-43.el6

pki-selinux

9.0.3-43.el6

pki-setup

9.0.3-43.el6

pki-silent

9.0.3-43.el6

pki-symkey

9.0.3-43.el6

pki-util

9.0.3-43.el6

pki-util-javadoc

9.0.3-43.el6

Связанные CVE

CVE-2012-2662

Ссылки на источники

Связанные уязвимости

redhat логотип

CVE-2012-2662

redhat
около 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages.

nvd логотип

CVE-2012-2662

nvd
около 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages.

github логотип

GHSA-4x57-6h7g-39hp

github
больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages.