pki-core-10.5.18-23.el7

エラータID: AXSA:2022-3912:03

Release date: 
Monday, October 24, 2022 - 20:57
Subject: 
pki-core-10.5.18-23.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

The Public Key Infrastructure (PKI) Core contains fundamental packages required by Asianux Certificate System.

Security Fix(es):

* pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field (CVE-2022-2393)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-2393
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.

Solution: 

Update packages.

CVEs: 
CVE-2022-2393
A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.
Additional Info: 

N/A

Download: 

SRPMS
  1. pki-core-10.5.18-23.el7.src.rpm
    MD5: 58c70cc9aeb7aa3ce39c81e246e0fc8b
    SHA-256: aaf7cf59c56f28816710ea9f1e651ca032338a31091a45b63d222afb8ae9aa50
    Size: 4.90 MB

Asianux Server 7 for x86_64
  1. pki-base-10.5.18-23.el7.noarch.rpm
    MD5: 012be189398a4718527199e1194699e1
    SHA-256: 8db0fe114c3c0f9f2499b9679a17eb1b6d3975432385332bf39254ae305d9570
    Size: 438.12 kB
  2. pki-base-java-10.5.18-23.el7.noarch.rpm
    MD5: 04718d745b74a86083edc6b9f752c54b
    SHA-256: d4f61d8080d1e6973d068f6b92449be4879b91cbbc1b071b85a929be8e91f92d
    Size: 1.22 MB
  3. pki-ca-10.5.18-23.el7.noarch.rpm
    MD5: fa9fdc2fae21764ca7bfacf4a77ef818
    SHA-256: ac1f5333babeadaa8eb1742f1a5e7ffda808f20ef1c085f170bcef627df2c8f7
    Size: 493.94 kB
  4. pki-kra-10.5.18-23.el7.noarch.rpm
    MD5: 3f0572289f7e27e19750709a9db004b6
    SHA-256: 3448ad47bcf4279dfc33fb7dfcefe5ebc6a9537e5b3fb6fef7d64b592b4d7b45
    Size: 315.76 kB
  5. pki-server-10.5.18-23.el7.noarch.rpm
    MD5: 822982c1614de95a226fe2c17dce3b03
    SHA-256: 3ce16b9d5405005fef8d8b57c875b057f7ac2d5666ff4f2faee7217eaeec3871
    Size: 2.95 MB
  6. pki-symkey-10.5.18-23.el7.x86_64.rpm
    MD5: 7a7786d182e57b361776f9d91b478314
    SHA-256: 490c9b816122e76effc40da53e50119425635a96f343668e6356cfb7677e609b
    Size: 177.71 kB
  7. pki-tools-10.5.18-23.el7.x86_64.rpm
    MD5: c5e83a15a405acd8c2bfb4a69f95058c
    SHA-256: b7941af14d01da19ed30a2995d5cc42ad7601039da3743ff4b09daa7ceba30de
    Size: 775.73 kB