Описание
ELSA-2024-4367: pki-core security update (IMPORTANT)
jss ldapjdk pki-core [10.15.1-1.0.1]
- Remove upstream reference
[10.15.1-1]
- Rebase to PKI 10.15.1
- Fix CVE 2023-4727
resteasy tomcatjss
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module pki-core:10.6 is enabled
idm-jss
4.11.0-1.module+el8.10.0+90362+5113f0b5
idm-jss-javadoc
4.11.0-1.module+el8.10.0+90362+5113f0b5
idm-ldapjdk
4.24.0-1.module+el8.10.0+90362+5113f0b5
idm-ldapjdk-javadoc
4.24.0-1.module+el8.10.0+90362+5113f0b5
idm-pki-acme
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-base
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-base-java
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-ca
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-kra
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-server
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-symkey
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-tools
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-tomcatjss
7.8.0-1.module+el8.10.0+90362+5113f0b5
python3-idm-pki
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
resteasy
3.0.26-7.module+el8.10.0+90362+5113f0b5
resteasy-javadoc
3.0.26-7.module+el8.10.0+90362+5113f0b5
Oracle Linux x86_64
Module pki-core:10.6 is enabled
idm-jss
4.11.0-1.module+el8.10.0+90362+5113f0b5
idm-jss-javadoc
4.11.0-1.module+el8.10.0+90362+5113f0b5
idm-ldapjdk
4.24.0-1.module+el8.10.0+90362+5113f0b5
idm-ldapjdk-javadoc
4.24.0-1.module+el8.10.0+90362+5113f0b5
idm-pki-acme
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-base
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-base-java
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-ca
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-kra
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-server
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-symkey
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-pki-tools
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
idm-tomcatjss
7.8.0-1.module+el8.10.0+90362+5113f0b5
python3-idm-pki
10.15.1-1.0.1.module+el8.10.0+90362+5113f0b5
resteasy
3.0.26-7.module+el8.10.0+90362+5113f0b5
resteasy-javadoc
3.0.26-7.module+el8.10.0+90362+5113f0b5
Связанные CVE
Связанные уязвимости
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
A flaw was found in dogtag-pki and pki-core. The token authentication ...
