pki-core:10.6 security update

エラータID: AXSA:2024-8557:01

Release date: 
Thursday, July 11, 2024 - 15:16
Subject: 
pki-core:10.6 security update
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The Public Key Infrastructure (PKI) Core contains fundamental packages required
by Red Hat Certificate System.

Security Fix(es):

dogtag ca: token authentication bypass vulnerability (CVE-2023-4727)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE(s):
CVE-2023-4727

Modularity name: "pki-core"
Stream name: "10.6"

Solution: 

Update packages.

CVEs: 
CVE-2023-4727
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.
Additional Info: 

N/A

Download: 

SRPMS
  1. jss-4.11.0-1.module+el8+1789+a32e0e1e.src.rpm
    MD5: 48526df8b119cd889415762df2e7ef0b
    SHA-256: a04c9ccb373a01d41939cf5508195d952ced3929a714cf8f1aed1958cecbd316
    Size: 0.99 MB
  2. ldapjdk-4.24.0-1.module+el8+1789+a32e0e1e.src.rpm
    MD5: 80c114290a7cabbc2432bd098ce7f524
    SHA-256: 0d44a6511133706e11f02b39d1cb05cdbb0491c08c0cfee7335d0fe79558f8a5
    Size: 2.84 MB
  3. pki-core-10.15.1-1.module+el8+1789+a32e0e1e.src.rpm
    MD5: e42bb6cf10be264d1eff022203be2228
    SHA-256: d46872eb7f70e3aef20f3e12d764f5d73c996b7232382490d94337f7f8d000c4
    Size: 10.53 MB
  4. resteasy-3.0.26-7.module+el8+1789+a32e0e1e.src.rpm
    MD5: e092fd33ad4ddc88d794248b83e350f9
    SHA-256: 7d04e841b6939c8154fde6cf63a1ebe9b18bc01f83914827f16b9d93b3e58627
    Size: 7.46 MB
  5. tomcatjss-7.8.0-1.module+el8+1789+a32e0e1e.src.rpm
    MD5: a75cfa424c4c036f4326b57e83602e50
    SHA-256: 76ad6e2c4d7c369d1d873894edafe0ef86306bcf208768bcda274aaa56ea712c
    Size: 44.33 kB

Asianux Server 8 for x86_64
  1. idm-jss-4.11.0-1.module+el8+1789+a32e0e1e.x86_64.rpm
    MD5: 1bd8cbc7d6298b7c387d2c41f53eb066
    SHA-256: 78a671fcf51438517cdb82167984321b7bfbe436ee8e2639bb91b8d2429045df
    Size: 1.19 MB
  2. idm-jss-javadoc-4.11.0-1.module+el8+1789+a32e0e1e.x86_64.rpm
    MD5: 4fbce108155431eb3d82fc39cf0f848e
    SHA-256: 1d59e03dad0a51943c6d35fe9e7f8ee94a02efcb6bcf8b38a3d5af6b4697c0bf
    Size: 1.00 MB
  3. idm-ldapjdk-4.24.0-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 93a9795d6475ff42b357881ca619a0b5
    SHA-256: a9700a0bcdd0cbac5cc1e8c4f59d042e7c8a6362041fcbe2a2b1865d821d4d40
    Size: 322.10 kB
  4. idm-ldapjdk-javadoc-4.24.0-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 67ffa6898db26762e2b3a2816f0a4d21
    SHA-256: 022c1364124a9bf78cbd703e5d901b69f16932fe79ca815712608848b85a9604
    Size: 374.64 kB
  5. idm-pki-acme-10.15.1-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 0b6fae51fad7e9c8856ecae92e9a7496
    SHA-256: 4df299ea745db3d0317a9a3a95f5635519ea8e164615b1405d403f8403d7f76a
    Size: 0.97 MB
  6. idm-pki-base-10.15.1-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 0dd7c66c79b5bc0cd86c8ce87296e331
    SHA-256: db0398b06b97afa12cf4b1365bb331536242b3e93fb0cc27c958fbefee2ecdc7
    Size: 295.89 kB
  7. idm-pki-base-java-10.15.1-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 4136b0a429ca01ebb88879243aac6f10
    SHA-256: 781f0b7dceed44c2afbaff4c64bae6d6b03fbd935f5798c33bb4feb7f37d1f38
    Size: 668.35 kB
  8. idm-pki-ca-10.15.1-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 8de4ef9264fc9401ed6a9e4931f09faf
    SHA-256: ac37354aebd6c3f880af6966982ba5173f53a07f6ea2b2867e4b33ab5fefd43e
    Size: 1.31 MB
  9. idm-pki-kra-10.15.1-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 881a2250c490e95c1caa077e4620af44
    SHA-256: 8b1513e3416d4c069f17432b7a558a73598225d11ad4ff4bf5c499e1e1ef94d4
    Size: 289.73 kB
  10. idm-pki-server-10.15.1-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 215550a371dc08461fe3fb9a3f126ce6
    SHA-256: 41f54b579acd7ace5aa26fd9beef8d0e57cf8157872062d5ff0bc908c34df0cc
    Size: 2.62 MB
  11. idm-pki-symkey-10.15.1-1.module+el8+1789+a32e0e1e.x86_64.rpm
    MD5: 393bb0c05be22fb1a71327c1583627a9
    SHA-256: c5dd72f06dcaa186b95e25c8d5c531ba5c9741b643559ea0a3f13819efda55ed
    Size: 57.19 kB
  12. idm-pki-tools-10.15.1-1.module+el8+1789+a32e0e1e.x86_64.rpm
    MD5: 22f4959c85233d77957fde124305f990
    SHA-256: 2c18d0bf6b5ca3d777f9701258d92592dcc1addb566fb76c2d3acd53f3ce8bfb
    Size: 795.68 kB
  13. idm-tomcatjss-7.8.0-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 7b1c8405d3641c817baaf0923ab614fb
    SHA-256: 7ade9e5897b90ea1f42f9d08c1a8e7566fea4f0af579131ea8076325a6e6d950
    Size: 38.59 kB
  14. jss-debugsource-4.11.0-1.module+el8+1789+a32e0e1e.x86_64.rpm
    MD5: e0e7d0bdb4801f1717791b12b66e200a
    SHA-256: a18294868a187147cee5daf15682b8e985f8d91a3e0c5feaef4893bcdd90b745
    Size: 147.16 kB
  15. pki-core-debugsource-10.15.1-1.module+el8+1789+a32e0e1e.x86_64.rpm
    MD5: 8548709f7eee81c15fb50499d46dffa1
    SHA-256: cc6c34322b0bd893d4f58ae32970c21a091908656734ca9bd1d5be56de978aaf
    Size: 172.74 kB
  16. python3-idm-pki-10.15.1-1.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: e6ca3b0cc315a63e3864c9a3a6d3dcc7
    SHA-256: bc415fe80a5d1ffb74720017e19e12af7f1951a0be89f46ccbd92fa90d3c6b1f
    Size: 166.96 kB
  17. resteasy-3.0.26-7.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 748954065f16079e82f4bac82da0fe36
    SHA-256: d6372dc500c31d7e63a3dd166ff3094a683dae069c9891ff982ab5337681dc69
    Size: 1.06 MB
  18. resteasy-javadoc-3.0.26-7.module+el8+1789+a32e0e1e.noarch.rpm
    MD5: 059d85c92876d635f0727227446b8718
    SHA-256: f3881aceee340b839e13c36677c0dda6123b154855d36721c6b4ac2154f472dc
    Size: 1.14 MB