pki-deps:10.6 security and bug fix update

エラータID: AXSA:2022-4438:01

Release date: 
Friday, December 16, 2022 - 08:37
Subject: 
pki-deps:10.6 security and bug fix update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The Public Key Infrastructure (PKI) Core contains fundamental packages required
by Asianux Certificate System.

Security Fix(es):

* pki-core: access to external entities when parsing XML can lead to XXE
(CVE-2022-2414)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2022-2414
Access to external entities when parsing XML documents can lead to XML external
entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve
the content of arbitrary files by sending specially crafted HTTP requests.

Modularity name: pki-deps
Stream name: 10.6

Solution: 

Update packages.

CVEs: 
CVE-2022-2414
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
Additional Info: 

N/A

Download: 

SRPMS
  1. apache-commons-collections-3.2.2-10.module+el8+1556+4cdea58a.src.rpm
    MD5: 978434d177da21ea92d471cec6d6e038
    SHA-256: 37b3330629f920798043eaa1fa54cfbf6125fda3abde5fe3c44ca4fb12311dd6
    Size: 631.54 kB
  2. apache-commons-lang-2.6-21.module+el8+1556+4cdea58a.src.rpm
    MD5: 0be79c2370f565667022b5d111541aee
    SHA-256: 61df1030d38e749d377357b31d54da5cf4cda8a06a48d6bdf25ae486d4244f2e
    Size: 564.15 kB
  3. apache-commons-net-3.6-3.module+el8+1556+4cdea58a.src.rpm
    MD5: 4ad8100b3db41cb5f48cc2901ebfcae9
    SHA-256: 6ac21305c65a27f61e0ab811fed098a9c2f3fe94fd85ab849222379ae558bf86
    Size: 433.46 kB
  4. bea-stax-1.2.0-16.module+el8+1556+4cdea58a.src.rpm
    MD5: a8ada5d6de36b774ee2fed939d16f4b8
    SHA-256: 17b668541cc955c07c8e9b2a82bca39cbe27dcb637d091a4091b7a05d3152c90
    Size: 295.00 kB
  5. fasterxml-oss-parent-26-6.module+el8+1556+4cdea58a.src.rpm
    MD5: 80a3575216b54c19d33c96b98a4b4c4e
    SHA-256: fec5cdeb9bf688cbedb026559ad36763a14323480e8bc5c1edb46cff7ae7f662
    Size: 20.72 kB
  6. glassfish-fastinfoset-1.2.13-9.module+el8+1556+4cdea58a.src.rpm
    MD5: 849f06606a2f3dbcc48c515b60ca5159
    SHA-256: 3445b0e35c7aae9d83fc085ecfabfd4803b7d5fd20ba2346750ce5c2aac0e71a
    Size: 1.52 MB
  7. glassfish-jaxb-api-2.2.12-8.module+el8+1556+4cdea58a.src.rpm
    MD5: 4ff02453123a2d63e9305d268d057b6d
    SHA-256: 1838d7a074ec2dbbb45883c3a56ff3b029b86448e75e82b6b8169a66394c06fe
    Size: 241.89 kB
  8. glassfish-jaxb-2.2.11-11.module+el8+1556+4cdea58a.src.rpm
    MD5: ac56fb60cfa8f32badea1faa6d4f870a
    SHA-256: b3b6cad655be4569b550ca31b874b1cbb8ad9845cf5232ab161c2cabb84f89fb
    Size: 4.40 MB
  9. glassfish-jax-rs-api-2.0.1-6.module+el8+1556+4cdea58a.src.rpm
    MD5: e3618f7fa92207ee2f95b6a961b7ef24
    SHA-256: 960810d7154b6ddaafe89101d55fc7da9853f2cad43f21bdf59d3e0370dcc2e6
    Size: 230.19 kB
  10. jackson-annotations-2.10.0-1.module+el8+1556+4cdea58a.src.rpm
    MD5: b2d3b52ec2ef8ee9f3d224831daabcd2
    SHA-256: 9ac738ddb251fe8a1db2cee8decf4173cea26b12f0044516ee83ab8f0a464e59
    Size: 67.72 kB
  11. jackson-bom-2.10.0-1.module+el8+1556+4cdea58a.src.rpm
    MD5: 82c6279bf8029c8f41cea80fa88f5249
    SHA-256: 177b390afe43ae8d33feb2a5e833a6f8681727bf4088bf68637d65bdf7c61636
    Size: 22.34 kB
  12. jackson-core-2.10.0-1.module+el8+1556+4cdea58a.src.rpm
    MD5: ca9255513776e41fb6ef00f044581586
    SHA-256: b8add37ba2c585d26911165c1e5c0023d8b334b6076cf4b8e6b5a24c54a0ff7c
    Size: 439.53 kB
  13. jackson-databind-2.10.0-1.module+el8+1556+4cdea58a.src.rpm
    MD5: 34507b6ce7da81e4dd6c51ed7d6ac51b
    SHA-256: 3b247dded61b0ec694cafee6675c24bf766465709665594ad8c67dfd61f6fc3c
    Size: 1.25 MB
  14. jackson-jaxrs-providers-2.9.9-1.module+el8+1556+4cdea58a.src.rpm
    MD5: 4c879573a47d7578da61c1e80c9d29fb
    SHA-256: 8d50df8c60ff844eb0c983e0d49aff7aab945d69c06c09805583c87c1b4512d5
    Size: 1.21 MB
  15. jackson-module-jaxb-annotations-2.7.6-4.module+el8+1556+4cdea58a.src.rpm
    MD5: ced24ffacd304094c7f629eef935e187
    SHA-256: 970e76137c5bf4a9f43a206e08fb0c7454db089259a331a1cbb555f864732dfa
    Size: 53.95 kB
  16. jackson-parent-2.10-1.module+el8+1556+4cdea58a.src.rpm
    MD5: 239f5f390ab1a7d70e1f6fe4fd22f687
    SHA-256: fb9d2feaaaea30b689951363ed0add6c4aaa38f0b52c7fe98224d2cd8f62d496
    Size: 17.26 kB
  17. jakarta-commons-httpclient-3.1-28.module+el8+1556+4cdea58a.src.rpm
    MD5: cdca7bfc7628cf6326d42d22c9a95604
    SHA-256: af2c44b8816f4414fd9dafe5b8c2d83c94dfaa5067dfef3fb167b67daeaaae2d
    Size: 1.81 MB
  18. javassist-3.18.1-8.module+el8+1556+4cdea58a.src.rpm
    MD5: 89f49c343370c6a8dc2eac8870f60423
    SHA-256: d6808311ded4c0b079645ba707040362d61aa0cbd29f60302f70f87b055c5012
    Size: 1.13 MB
  19. msv-2013.6.1-10.module+el8+1556+4cdea58a.src.rpm
    MD5: ff47903fa82f99d229765025a9e4812e
    SHA-256: 07a50332e78888f4a6b84170982806af53603d8f0099e9d08da49831142a4f2d
    Size: 768.27 kB
  20. pki-servlet-engine-9.0.50-1.module+el8+1556+4cdea58a.src.rpm
    MD5: d6973217ca39b8a7c1318074f0613f94
    SHA-256: 09ffd81521911f798ab74bfc428e79ebb1f3871bd7fb31b25038eae09af7a490
    Size: 14.16 MB
  21. python-nss-1.0.1-10.module+el8+1556+4cdea58a.ML.1.src.rpm
    MD5: edd862b75c215b6ee2c07665a146c221
    SHA-256: 7a876dc1675a918a56e091ef156594971fbcbece1fe0e6bf8bed582f2de400e5
    Size: 281.93 kB
  22. relaxngcc-1.12-14.module+el8+1556+4cdea58a.src.rpm
    MD5: 23c8b71e0a7558d90147a230b9722289
    SHA-256: 4f22d5d9436f1c732ead91b5da2db81abd1d04d7da6f8f34d88db0620671a24a
    Size: 2.03 MB
  23. relaxngDatatype-2011.1-7.module+el8+1556+4cdea58a.src.rpm
    MD5: ae7938410e36ab1dd49435f5f67aebc3
    SHA-256: 5c23096278695e99223af804d06b2689e177a992354178f40c66bfd65f0c01ed
    Size: 22.18 kB
  24. resteasy-3.0.26-6.module+el8+1556+4cdea58a.src.rpm
    MD5: a5a9a94f64e303ee8e99d6708cea0fc5
    SHA-256: 9ef24e5eba7e68b77be23d999d2c6e6dfb48bf90b8128548fc65f0b0e6e6bdea
    Size: 7.46 MB
  25. slf4j-1.7.25-4.module+el8+1556+4cdea58a.src.rpm
    MD5: e8d8fefe0d177dbaca0385801ae61c37
    SHA-256: bfa7c42a74584c513069836be3101f405544c4d6c791bcf56d8febcd27be33eb
    Size: 3.29 MB
  26. stax-ex-1.7.7-8.module+el8+1556+4cdea58a.src.rpm
    MD5: 9fe95ea1495be324b59cee7427913c66
    SHA-256: cc0fbb09ce4b63e0cf52a203995ac66075ca5609de5c04695cfa709f038100ab
    Size: 49.05 kB
  27. velocity-1.7-24.module+el8+1556+4cdea58a.src.rpm
    MD5: 08b9a76d91c1a4dd2c85294a13607de2
    SHA-256: bb59d49e4a32616d48b0ddeaf8c854eb6927a09a80014dd84e6afb2b47850db2
    Size: 1.51 MB
  28. xalan-j2-2.7.1-38.module+el8+1556+4cdea58a.src.rpm
    MD5: 91cfccfeb017e3a7630c6ad17c4095ac
    SHA-256: 492950256dfb0d67a439e02b18a4aa075850709c92feff01b04a8a1e7249f0c1
    Size: 3.24 MB
  29. xerces-j2-2.11.0-34.module+el8+1556+4cdea58a.src.rpm
    MD5: af93233fdc4c5184444d8d25adf9b686
    SHA-256: 793aa9ee4eb90148befbcd2a2ea3d4b1cce3c0e2724b10e4c616cb3a8c28b5a8
    Size: 1.74 MB
  30. xml-commons-apis-1.4.01-25.module+el8+1556+4cdea58a.src.rpm
    MD5: 86d4168277dec10b8eea92aaba498e96
    SHA-256: 1ffc260c1acfe1d67e41b1f1df968153766af989dd61aadfc554c988f27e971f
    Size: 941.07 kB
  31. xml-commons-resolver-1.2-26.module+el8+1556+4cdea58a.src.rpm
    MD5: d7e48e5469c5ad72443f15ca684b8066
    SHA-256: 762c4a307f1542370232cf72859b2aaefd3bb15871a767da24a3e5b63cacb22d
    Size: 273.42 kB
  32. xmlstreambuffer-1.5.4-8.module+el8+1556+4cdea58a.src.rpm
    MD5: 8e6088bc1e44d9a43f4a39266801d505
    SHA-256: 312305c52e248bdb66a3ad45feaa9d8f4c6896afc99ebbae4a9dda85defcf805
    Size: 64.55 kB
  33. xml-stylebook-1.0-0.25.b3_xalan2.svn313293.module+el8+1556+4cdea58a.src.rpm
    MD5: 15429ba6a17a56c0a02143ebe7921a31
    SHA-256: b45305546841fda9f7a6590d06f8996b6e6b59b15e66a9fe5590d48f534f7c42
    Size: 1.13 MB
  34. xsom-0-19.20110809svn.module+el8+1556+4cdea58a.src.rpm
    MD5: 771c3ca8fe9d47377f3f820ce4f64b10
    SHA-256: c5942063742cf344628f3bcb468861af7db3e4023da4d141c4d26ce69a14d818
    Size: 387.96 kB

Asianux Server 8 for x86_64
  1. apache-commons-collections-3.2.2-10.module+el8+1556+4cdea58a.noarch.rpm
    MD5: f7f32e75b18d2172e4324071163007f3
    SHA-256: d5a8d30600a5e950b57024cc20bdf8b022d3072520eb05b5b5547e73269c3f8f
    Size: 535.63 kB
  2. apache-commons-lang-2.6-21.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 7fb067a1f902d1d35de73752fbdd41e2
    SHA-256: 40e082e1bb6c8e845910949f21a3c2cc8b44679506b76b6834c788f948c5109e
    Size: 281.30 kB
  3. apache-commons-net-3.6-3.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 5c35ed4bf828bd9923a58393c0d490c2
    SHA-256: 2bc54e28a842da98bbf5e8a86ff5bdfb6c46adcaa9370bf5ab23176aa946e715
    Size: 295.57 kB
  4. bea-stax-api-1.2.0-16.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 63c2193bf92fd12670b7480794f00415
    SHA-256: 95e85dcda712578816498e79566e51b1c9863f1cc7ccd495baa019a7f17af4eb
    Size: 35.55 kB
  5. glassfish-fastinfoset-1.2.13-9.module+el8+1556+4cdea58a.noarch.rpm
    MD5: e8e3d07a9b7f0a33ed39281afb9cd8b1
    SHA-256: 802e057a2d52c9cad292dafa17f9d75b56662dc103425e4bb037cdf7c84f9368
    Size: 352.57 kB
  6. glassfish-jaxb-api-2.2.12-8.module+el8+1556+4cdea58a.noarch.rpm
    MD5: a6cd44ad3719165931f93388458b4ec4
    SHA-256: aeeb1daec7876765b5e8ef03047d9b54020247f08818e96e1bb520226d157119
    Size: 100.29 kB
  7. glassfish-jaxb-core-2.2.11-11.module+el8+1556+4cdea58a.noarch.rpm
    MD5: a7fc87f6668f3ea460deadf185d7e776
    SHA-256: 7657b47ece03b100a4c33d47917d132b1a2d3dbf2f26df2db3165622e06273cd
    Size: 156.89 kB
  8. glassfish-jaxb-runtime-2.2.11-11.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 244b8c58628871e667e08280d39401af
    SHA-256: 90735ee1993ec0774b8e0e7a42e284f4a5c7f0982f1b6574aa5b7814dea37dfb
    Size: 935.73 kB
  9. glassfish-jaxb-txw2-2.2.11-11.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 7cd772a301bcf93bc48d527f78ac7108
    SHA-256: 27230de6736722285a3cc96b2839641a911d7d944ce8287c02419375b8ac63c8
    Size: 89.01 kB
  10. jackson-annotations-2.10.0-1.module+el8+1556+4cdea58a.noarch.rpm
    MD5: ad3ef758ac68ceef7a4c436e7c7e38a2
    SHA-256: 699f67e4a944f1a8e5ea090bf3b20b915be23bdf430b095cf0aa4f161d383cdb
    Size: 70.03 kB
  11. jackson-core-2.10.0-1.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 5e873aa03bec43a5c5c7308d2174f7fc
    SHA-256: 75c4a590e3b5df815dfef5d8f233ec736d55f4c36277bf39545e7e6f65ed2d67
    Size: 343.99 kB
  12. jackson-databind-2.10.0-1.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 98fd7dfa43dba0d55c71272ccc392b49
    SHA-256: a26adb62e8bc0da9e83edd2b65edf3ad4c7e732b039a6614b94619a61f81a854
    Size: 1.27 MB
  13. jackson-jaxrs-json-provider-2.9.9-1.module+el8+1556+4cdea58a.noarch.rpm
    MD5: c24b38f46a62298d4f5f0dc11be92d6a
    SHA-256: aa18a21f8f2901b1e645a3a1eba88071b27f3b15d48ede3bdbedb786bb08e0fc
    Size: 23.13 kB
  14. jackson-jaxrs-providers-2.9.9-1.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 59eff7ce87a49e1495cb0e9f0192b716
    SHA-256: 03eee8445c6ea526cb2223448f6f904baa51d7e65e6c06e787170fab70f68650
    Size: 43.56 kB
  15. jackson-module-jaxb-annotations-2.7.6-4.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 7750d01171fb3fe45f8021c1b285d00e
    SHA-256: 9c12b1b57bbcad8b2d8d0e60a5cf2516544684f94f2c58c5db94a856a2603061
    Size: 44.56 kB
  16. jakarta-commons-httpclient-3.1-28.module+el8+1556+4cdea58a.noarch.rpm
    MD5: a67a381a67eaf5914a8b2f8313254a97
    SHA-256: ef56d9636a7daf3688b6f735fea144486a0fff3eee90b20ca8a70a27f4bfecad
    Size: 246.55 kB
  17. javassist-3.18.1-8.module+el8+1556+4cdea58a.noarch.rpm
    MD5: d8ff87b42331ae5e06535a212649b8f8
    SHA-256: b52cf6cb871488cf0a218ae61484be52708ac54715bbf39862e9f32a7c0ebdfb
    Size: 680.81 kB
  18. javassist-javadoc-3.18.1-8.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 8407fa471d16fa1502d4c99b07f1a82f
    SHA-256: fc5cb7dc831f481aefaacf7e3427232ba728f49cde90e6518c53c88525f599ff
    Size: 781.00 kB
  19. pki-servlet-4.0-api-9.0.50-1.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 3f13521c3c5c18a60f70bb2e97eb54dd
    SHA-256: 773fe73ab1357b823174ba1babeb36beeba58aef2b609f5dc2c36c8a966c8844
    Size: 283.13 kB
  20. pki-servlet-engine-9.0.50-1.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 8ce10db8ee3227bae7819e2bc1c1c1ed
    SHA-256: 0caa138d6d96d7842c97456559366f482844365e3c01d7833db34d596ea196ee
    Size: 5.61 MB
  21. python3-nss-1.0.1-10.module+el8+1556+4cdea58a.ML.1.x86_64.rpm
    MD5: 80c1037030e42c72ac248b33650496bc
    SHA-256: 8a74936024637693d8ecc933c3b88768515fdfb1e354e6e62bdf3b82fb0ec58c
    Size: 285.17 kB
  22. python-nss-debugsource-1.0.1-10.module+el8+1556+4cdea58a.ML.1.x86_64.rpm
    MD5: 4e6fd0c2f0421fe925bdec49d612f78a
    SHA-256: 7a82be18f61bc74fa4f07c16e5fb6a61460657f230e3c0f8bb46a10ffee743e4
    Size: 205.45 kB
  23. python-nss-doc-1.0.1-10.module+el8+1556+4cdea58a.ML.1.x86_64.rpm
    MD5: beb1ae90001eb793798155ff9fbd6f9e
    SHA-256: 17f38e0a160425bca7a1c7f775fe44ddb9ae9510eab1601d7d643e6550eaaa63
    Size: 316.16 kB
  24. relaxngDatatype-2011.1-7.module+el8+1556+4cdea58a.noarch.rpm
    MD5: d798c9ef46b4d825126ba8d10466d518
    SHA-256: 083ff9bcb67e0de6e250a43a4e6b7485c58cf4c66398c0c64008e5631863a765
    Size: 26.26 kB
  25. resteasy-3.0.26-6.module+el8+1556+4cdea58a.noarch.rpm
    MD5: c76269c52fc9a6d2ded5ab933d158780
    SHA-256: 59a1f671425b53a6f358dc314df1bcb3ff133eecb2e99c6a0187f617c98a43eb
    Size: 1.06 MB
  26. slf4j-1.7.25-4.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 61a6a4ddfdd693341d77fe6b65e300f4
    SHA-256: a3627246a12277bc3a83f35a100549cfb5155a74fdd43d14de321e09941de9ab
    Size: 75.56 kB
  27. slf4j-jdk14-1.7.25-4.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 431a6fdc40da9836c42707a640f30459
    SHA-256: cefe96875f11dff1cc3062b09a56d72e3149e59a0cfbe48b0a2d5d35554aafe5
    Size: 23.61 kB
  28. stax-ex-1.7.7-8.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 5c83b0400b146506a03328c45508f7cf
    SHA-256: 488f159e2d74d6b0f712c3b7c73a95ba840afb6a3c05ad8fd6eb62524230d60a
    Size: 54.33 kB
  29. velocity-1.7-24.module+el8+1556+4cdea58a.noarch.rpm
    MD5: b6448c69933bd3bec2858905ffe2a15b
    SHA-256: 9deef1ac2232b6e33e79aa8c6f5e709d982bd205e9e310f5c8d794e0b5844c33
    Size: 435.43 kB
  30. xalan-j2-2.7.1-38.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 434c0116f07cc8b2f403839f228ac6c6
    SHA-256: 41759aa4a51a856de4906a9207b07c560508a8101ff99e5b40d0a797434467eb
    Size: 1.89 MB
  31. xerces-j2-2.11.0-34.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 7e8511a5cd2f796be8f19cc0e8a99102
    SHA-256: 8a1bbf058a317aa14a95a982057bdc85849433c1b1786e5175c0ce492429bf4e
    Size: 1.16 MB
  32. xml-commons-apis-1.4.01-25.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 71e778d777feb3692b25308023a8791a
    SHA-256: 7ae3da59a3286e2ec67b3c7822aa63b0033cd8b0e2456b33cefd14c02a32154c
    Size: 233.03 kB
  33. xml-commons-resolver-1.2-26.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 6c163d27a5c6a99c9447093c9ff3ca09
    SHA-256: c0b0871f0a67bd38c37f651d34d9505b9dd37227826458722e47c76c4f588981
    Size: 114.26 kB
  34. xmlstreambuffer-1.5.4-8.module+el8+1556+4cdea58a.noarch.rpm
    MD5: c958c8739de360cbfe12dfc00a4b0665
    SHA-256: 1851e8ba9e076032275edaabdad6ccf7284f74e4da67c5ac24cb086537e1f0f5
    Size: 85.94 kB
  35. xsom-0-19.20110809svn.module+el8+1556+4cdea58a.noarch.rpm
    MD5: 94a7e4f4f142c702f272fe4a50527733
    SHA-256: 3b6d1267cb7be8801dcac0fc63032b70ee63d1f3ba10dad649736c4c4a34b549
    Size: 397.50 kB