pki-core-10.4.1-11.el7

エラータID: AXSA:2017-1974:05

Release date: 
Wednesday, August 30, 2017 - 17:40
Subject: 
pki-core-10.4.1-11.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

==================================
|| ABOUT "CERTIFICATE SYSTEM" ||
==================================

Certificate System (CS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.

PKI Core contains ALL top-level java-based Tomcat PKI components:

* pki-symkey
* pki-base
* pki-base-python2 (alias for pki-base)
* pki-base-python3
* pki-base-java
* pki-tools
* pki-server
* pki-ca
* pki-kra
* pki-ocsp
* pki-tks
* pki-tps
* pki-javadoc

which comprise the following corresponding PKI subsystems:

* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)

Python clients need only install the pki-base package. This
package contains the python REST client packages and the client
upgrade framework.

Java clients should install the pki-base-java package. This package
contains the legacy and REST Java client packages. These clients
should also consider installing the pki-tools package, which contain
native and Java-based PKI tools and utilities.

Certificate Server instances require the fundamental classes and
modules in pki-base and pki-base-java, as well as the utilities in
pki-tools. The main server classes are in pki-server, with subsystem
specific Java classes and resources in pki-ca, pki-kra, pki-ocsp etc.

Finally, if Certificate System is being deployed as an individual or
set of standalone rather than embedded server(s)/service(s), it is
strongly recommended (though not explicitly required) to include at
least one PKI Theme package:

* dogtag-pki-theme (Dogtag Certificate System deployments)
* dogtag-pki-server-theme
* redhat-pki-server-theme (Red Hat Certificate System deployments)
* redhat-pki-server-theme
* customized pki theme (Customized Certificate System deployments)
* -pki-server-theme

NOTE: As a convenience for standalone deployments, top-level meta
packages may be provided which bind a particular theme to
these certificate server packages.

CVE-2017-7537
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. pki-core-10.4.1-11.el7.src.rpm
    MD5: 78b10aba1b56e31be9b20137f7d98e76
    SHA-256: 7f95a2d88a9f59ab439ea49553d12b2b0d9802e986a9583b3d2e1ad32ef8bf1c
    Size: 4.72 MB

Asianux Server 7 for x86_64
  1. pki-base-10.4.1-11.el7.noarch.rpm
    MD5: baab7b6a90f7b4d0a999e518f0b688ca
    SHA-256: 0406ac2d37bd0029476d09678a30a4e1b1565989ce8d69c96cdc0f97e755caff
    Size: 378.99 kB
  2. pki-base-java-10.4.1-11.el7.noarch.rpm
    MD5: 91e9c7e66b025663731dbfd5ff04e1fb
    SHA-256: 3ba137170fd1cbafbb9c9f1ef5e5ed49ac1b4410f0c82ca3489565645b58e3aa
    Size: 1.14 MB
  3. pki-ca-10.4.1-11.el7.noarch.rpm
    MD5: 6789940be572761a5ea0f3258eeb97b3
    SHA-256: 2651f2d747321794b2775aea05e82badbb00b9776fbd5f557c824f2a1237ac17
    Size: 439.91 kB
  4. pki-kra-10.4.1-11.el7.noarch.rpm
    MD5: 1941809ee7bd91820eda5ea400d033d3
    SHA-256: 4d7053f327b7743fc7696aade6716aff542cfb8aaddff02fe43d66cd6daf2ddf
    Size: 269.48 kB
  5. pki-server-10.4.1-11.el7.noarch.rpm
    MD5: 379a071802273f9db9786bed34f2841e
    SHA-256: a319692e95229c1c758a40756d8a48689761098e5fd960dec7b1f26c84f24ca8
    Size: 2.78 MB
  6. pki-symkey-10.4.1-11.el7.x86_64.rpm
    MD5: d25dfcde67f3106eaad15fef9d610584
    SHA-256: e2251ff300ed089a9dcf48b077c316b722bd7d5a38146e67fa5f2f674b4c2717
    Size: 129.75 kB
  7. pki-tools-10.4.1-11.el7.x86_64.rpm
    MD5: b657ac6eb9369b7d0d6bb91d9177463e
    SHA-256: 7498700e5e60667fdb6a2fe9094c66468741169f54478aa2c316f67b16297f4b
    Size: 669.13 kB