pki-core:10.6 security update

エラータID: AXSA:2021-1628:01

Release date: 
Saturday, April 3, 2021 - 03:26
Subject: 
pki-core:10.6 security update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The Public Key Infrastructure (PKI) Core contains fundamental packages required by Asianux Certificate System.

Security Fix(es):

* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-20179
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.

Modularity name: [security-high]pki-core
Stream name: 10.6

Solution: 

Update packages.

CVEs: 
CVE-2021-20179
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.
Additional Info: 

N/A

Download: 

SRPMS
  1. jss-4.7.3-1.0.1.module+el8+1227+0be6a0ca.src.rpm
    MD5: f0b78a06dcfdbed8af2edb8937d439ed
    SHA-256: cda8185bcf2763ede3ec0007e6cf03ce44e605f5c14ed2f7c01040c16b05a084
    Size: 0.96 MB
  2. ldapjdk-4.22.0-1.module+el8+1227+0be6a0ca.src.rpm
    MD5: a6583108389398d1fa9f114e04873836
    SHA-256: 668694b9f7b66ab6c8c982874657fd1c21c36ba22506c7ad17e84c0a4d90b675
    Size: 2.83 MB
  3. pki-core-10.9.4-3.module+el8+1227+0be6a0ca.src.rpm
    MD5: 6b7a25ee72d0644d6b5d1cd396a7b0fc
    SHA-256: c141867c708cb4c77b360bca7c9d0b5ce47ffac94b14d45a32a02ea66d0844d0
    Size: 9.76 MB
  4. tomcatjss-7.5.0-1.module+el8+1227+0be6a0ca.src.rpm
    MD5: 196a3d0a2143f8e9efe50796d9d6eef9
    SHA-256: 6ff720f2a05df021714eda6c2891f010d5cc889b9007c48af314c2b91dcb21d8
    Size: 48.67 kB

Asianux Server 8 for x86_64
  1. jss-4.7.3-1.0.1.module+el8+1227+0be6a0ca.x86_64.rpm
    MD5: 59266127000fd777084643eaac12b3b3
    SHA-256: 0e6546f0b53bcaedf1a4193f0f22a654b5b5ce8fa272e4333cda5fcd48e192cb
    Size: 1.17 MB
  2. jss-debugsource-4.7.3-1.0.1.module+el8+1227+0be6a0ca.x86_64.rpm
    MD5: 10eea3fc83046a3d1799d6791839e20e
    SHA-256: 1336e31318b9277382d2c0484d48a8c4b6b8bec5801fadc8e0dfc21719bd70bf
    Size: 139.51 kB
  3. jss-javadoc-4.7.3-1.0.1.module+el8+1227+0be6a0ca.x86_64.rpm
    MD5: 6b52dd277ca1508fbae1c22c5961b3df
    SHA-256: 02ff268a57ceaea7cfcfbcf121a58029324ebd405d9a02709331c0d0ae1aab52
    Size: 0.99 MB
  4. ldapjdk-4.22.0-1.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: 8961b18adb80b07c1ef89925bbbe1158
    SHA-256: aa029d23dc8de7584aa702e3467ee3564328eb8e34273c594a73a2334048c3a5
    Size: 321.62 kB
  5. ldapjdk-javadoc-4.22.0-1.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: da28b10a7c6eccf90d232bcd01f43943
    SHA-256: d4f76d628d45d0207e06bd8aebff8fa6b0386d7e385ec638eb95779d2dcd384d
    Size: 48.78 kB
  6. pki-base-10.9.4-3.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: 0f7f5b6add552d3b46442fc1c3cdb9ce
    SHA-256: e8bd258913911f575747ffeec5a002f7076020fed28d26e3cba589b0376057a8
    Size: 292.48 kB
  7. pki-base-java-10.9.4-3.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: 8a456c31a0360e78bb29809744c548ec
    SHA-256: b232ef54e8ce5657cf61dc36429f3f98f1211f79b470dd2de46dc0f3e2e6c61a
    Size: 697.00 kB
  8. pki-ca-10.9.4-3.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: 4f9911a23d0bfc02d6d065a6595f0e7e
    SHA-256: d1575c45414a5ea5cd6fc3af2b55766a609d98a26c23ac87262ec42a1f5c915c
    Size: 574.42 kB
  9. pki-core-debugsource-10.9.4-3.module+el8+1227+0be6a0ca.x86_64.rpm
    MD5: cf5158816ecc36ed09aec948eac988c6
    SHA-256: 1f0e614008b9eb292c04313c78aedc14ded65761d4bf6ed1544c0d351582d0f5
    Size: 361.68 kB
  10. pki-kra-10.9.4-3.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: 32498db6be165442df028cc805a8e9db
    SHA-256: ee7e378c5a66fc0f65c4dcc41ec95f430b2049a88dbaaef9d2099ea98882c52f
    Size: 199.33 kB
  11. pki-server-10.9.4-3.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: 9a3a238d88c89ba1656acad53c6429d5
    SHA-256: 1324ed5339c6e20ef9708e73b4464ff6c3080d2a148a25cdf71cd0d061168fef
    Size: 3.46 MB
  12. pki-symkey-10.9.4-3.module+el8+1227+0be6a0ca.x86_64.rpm
    MD5: 9be897813de0c5bf6cc09ab4eb8ba8c5
    SHA-256: 0aba2f8baba3079f4a86e8c57c900e41ea99ebea6aad049418a8dc3208489235
    Size: 53.37 kB
  13. pki-tools-10.9.4-3.module+el8+1227+0be6a0ca.x86_64.rpm
    MD5: 94ef7a03d8c4bf04b46214af1fae5531
    SHA-256: 1dec887eaeb770b3580058fe502dfaee10590e41b182c9c4421dddd1d3f8d531
    Size: 731.76 kB
  14. python3-pki-10.9.4-3.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: f91fd844f07c05d007335e73c3c0a253
    SHA-256: 7275f293b31122168e151bd9556d2ed61b1c6e979f3fa444b741ea0d5f1cb5f7
    Size: 161.72 kB
  15. tomcatjss-7.5.0-1.module+el8+1227+0be6a0ca.noarch.rpm
    MD5: 912932a5ae8ad6a0dcbc7bdf4b2c72a9
    SHA-256: 06b1b222283f38671b9e43e4520e1b23e772f7a1106b18ebdda13c5dcdac89a1
    Size: 41.86 kB