Описание
ELSA-2021-1775: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (MODERATE)
apache-commons-collections jss [4.8.1-2]
- Bug 1932803 - HSM + FIPS: CMCRequest with a shared secret resulting in error
[4.8.1-1]
- Rebase to upstream JSS v4.8.1
- Red Hat Bugilla #1908541 - jss broke SCEP - missing PasswordChallenge class
- Red Hat Bugilla #1489256 - [RFE] jss should support RSA with OAEP padding
[4.8.0-2]
- Only check PKCS11Constants on beta builds
- Bump tomcatjss, pki-core conflicts due to lang3
[4.8.0-1]
- Rebase to upstream JSS v4.8.0
[4.8.0-0.1]
- Rebase to upstream JSS v4.8.0-b1
pki-core [10.10.5-2.0.1]
- Remove upstream reference.
[10.10.5-2]
- Bug 1914396 - CVE-2021-20179 pki-core:10.6/pki-core: Unprivileged users can renew any certificate
[10.10.5-1]
- Rebase to PKI 10.10.5
- Bug 1929067 - PKI instance creation failed with new 389-ds-base build
pki-servlet-engine [1:9.0.30-1]
- Resolves: rhbz#1721684 Rebase pki-servlet-engine to 9.0.30
- Update to JWS 5.3.0 distribution
- Remove new dependencies that PKI doesnt need (and are not provided by RHEL 8)
resteasy [3.0.26-6]
- CVE-2020-1695: Improper validation of response header in MediaTypeHeaderDelegate.java class Resolves: rh-bz#1845548
tomcatjss [7.6.1-1]
- Rebase to TomcatJSS 7.6.1
[7.6.0-2]
- Bump dependency to JSS 4.8.0
- Remove unsupported platforms
[7.6.0-1]
- Rebase to TomcatJSS 7.6.0
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module pki-core:10.6 is enabled
jss
4.8.1-2.module+el8.4.0+20154+9830f79e
jss-javadoc
4.8.1-2.module+el8.4.0+20154+9830f79e
ldapjdk
4.22.0-1.module+el8.3.0+7857+983338ee
ldapjdk-javadoc
4.22.0-1.module+el8.3.0+7857+983338ee
pki-acme
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-base
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-base-java
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-ca
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-kra
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-server
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-symkey
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-tools
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
python3-pki
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
tomcatjss
7.6.1-1.module+el8.4.0+20053+7cddd5b6
Module pki-deps:10.6 is enabled
apache-commons-collections
3.2.2-10.module+el8.3.0+7697+44932688
apache-commons-lang
2.6-21.module+el8.3.0+7697+44932688
apache-commons-net
3.6-3.module+el8.3.0+7697+44932688
bea-stax-api
1.2.0-16.module+el8.3.0+7697+44932688
glassfish-fastinfoset
1.2.13-9.module+el8.3.0+7697+44932688
glassfish-jaxb-api
2.2.12-8.module+el8.3.0+7697+44932688
glassfish-jaxb-core
2.2.11-11.module+el8.3.0+7697+44932688
glassfish-jaxb-runtime
2.2.11-11.module+el8.3.0+7697+44932688
glassfish-jaxb-txw2
2.2.11-11.module+el8.3.0+7697+44932688
jackson-annotations
2.10.0-1.module+el8.3.0+7697+44932688
jackson-core
2.10.0-1.module+el8.3.0+7697+44932688
jackson-databind
2.10.0-1.module+el8.3.0+7697+44932688
jackson-jaxrs-json-provider
2.9.9-1.module+el8.3.0+7697+44932688
jackson-jaxrs-providers
2.9.9-1.module+el8.3.0+7697+44932688
jackson-module-jaxb-annotations
2.7.6-4.module+el8.3.0+7697+44932688
jakarta-commons-httpclient
3.1-28.module+el8.3.0+7697+44932688
javassist
3.18.1-8.module+el8.3.0+7697+44932688
javassist-javadoc
3.18.1-8.module+el8.3.0+7697+44932688
pki-servlet-4.0-api
9.0.30-1.module+el8.3.0+7697+44932688
pki-servlet-engine
9.0.30-1.module+el8.3.0+7697+44932688
python-nss-doc
1.0.1-10.module+el8.3.0+7697+44932688
python3-nss
1.0.1-10.module+el8.3.0+7697+44932688
relaxngDatatype
2011.1-7.module+el8.3.0+7697+44932688
resteasy
3.0.26-6.module+el8.4.0+20041+bb8828ef
slf4j
1.7.25-4.module+el8.3.0+7697+44932688
slf4j-jdk14
1.7.25-4.module+el8.3.0+7697+44932688
stax-ex
1.7.7-8.module+el8.3.0+7697+44932688
velocity
1.7-24.module+el8.3.0+7697+44932688
xalan-j2
2.7.1-38.module+el8.3.0+7697+44932688
xerces-j2
2.11.0-34.module+el8.3.0+7697+44932688
xml-commons-apis
1.4.01-25.module+el8.3.0+7697+44932688
xml-commons-resolver
1.2-26.module+el8.3.0+7697+44932688
xmlstreambuffer
1.5.4-8.module+el8.3.0+7697+44932688
xsom
0-19.20110809svn.module+el8.3.0+7697+44932688
Oracle Linux x86_64
Module pki-core:10.6 is enabled
jss
4.8.1-2.module+el8.4.0+20154+9830f79e
jss-javadoc
4.8.1-2.module+el8.4.0+20154+9830f79e
ldapjdk
4.22.0-1.module+el8.3.0+7857+983338ee
ldapjdk-javadoc
4.22.0-1.module+el8.3.0+7857+983338ee
pki-acme
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-base
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-base-java
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-ca
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-kra
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-server
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-symkey
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
pki-tools
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
python3-pki
10.10.5-2.0.1.module+el8.4.0+20154+9830f79e
tomcatjss
7.6.1-1.module+el8.4.0+20053+7cddd5b6
Module pki-deps:10.6 is enabled
apache-commons-collections
3.2.2-10.module+el8.3.0+7697+44932688
apache-commons-lang
2.6-21.module+el8.3.0+7697+44932688
apache-commons-net
3.6-3.module+el8.3.0+7697+44932688
bea-stax-api
1.2.0-16.module+el8.3.0+7697+44932688
glassfish-fastinfoset
1.2.13-9.module+el8.3.0+7697+44932688
glassfish-jaxb-api
2.2.12-8.module+el8.3.0+7697+44932688
glassfish-jaxb-core
2.2.11-11.module+el8.3.0+7697+44932688
glassfish-jaxb-runtime
2.2.11-11.module+el8.3.0+7697+44932688
glassfish-jaxb-txw2
2.2.11-11.module+el8.3.0+7697+44932688
jackson-annotations
2.10.0-1.module+el8.3.0+7697+44932688
jackson-core
2.10.0-1.module+el8.3.0+7697+44932688
jackson-databind
2.10.0-1.module+el8.3.0+7697+44932688
jackson-jaxrs-json-provider
2.9.9-1.module+el8.3.0+7697+44932688
jackson-jaxrs-providers
2.9.9-1.module+el8.3.0+7697+44932688
jackson-module-jaxb-annotations
2.7.6-4.module+el8.3.0+7697+44932688
jakarta-commons-httpclient
3.1-28.module+el8.3.0+7697+44932688
javassist
3.18.1-8.module+el8.3.0+7697+44932688
javassist-javadoc
3.18.1-8.module+el8.3.0+7697+44932688
pki-servlet-4.0-api
9.0.30-1.module+el8.3.0+7697+44932688
pki-servlet-engine
9.0.30-1.module+el8.3.0+7697+44932688
python-nss-doc
1.0.1-10.module+el8.3.0+7697+44932688
python3-nss
1.0.1-10.module+el8.3.0+7697+44932688
relaxngDatatype
2011.1-7.module+el8.3.0+7697+44932688
resteasy
3.0.26-6.module+el8.4.0+20041+bb8828ef
slf4j
1.7.25-4.module+el8.3.0+7697+44932688
slf4j-jdk14
1.7.25-4.module+el8.3.0+7697+44932688
stax-ex
1.7.7-8.module+el8.3.0+7697+44932688
velocity
1.7-24.module+el8.3.0+7697+44932688
xalan-j2
2.7.1-38.module+el8.3.0+7697+44932688
xerces-j2
2.11.0-34.module+el8.3.0+7697+44932688
xml-commons-apis
1.4.01-25.module+el8.3.0+7697+44932688
xml-commons-resolver
1.2-26.module+el8.3.0+7697+44932688
xmlstreambuffer
1.5.4-8.module+el8.3.0+7697+44932688
xsom
0-19.20110809svn.module+el8.3.0+7697+44932688
Связанные CVE
Связанные уязвимости
A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.
A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.
A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.
A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final ...
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update