pki-core:10.6 security and bug fix update

エラータID: AXSA:2022-4440:01

リリース日: 
2022/12/16 Friday - 10:45
題名: 
pki-core:10.6 security and bug fix update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- pki-core には、XML ドキュメントの解析処理に問題が
あるため、リモートの攻撃者により、巧妙に細工された
HTTP リクエストの送信を介して、任意ファイルの内容の
取得を可能とする脆弱性が存在します。(CVE-2022-2414)

Modularity name: pki-core
Stream name: 10.6

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2022-2414
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. jss-4.9.4-1.module+el8+1557+b56b10a0.src.rpm
    MD5: f325da6cd1b56ec156bd6058d4db321b
    SHA-256: 372de696451d204f061beb39fa7587e2b62d05e16bf1f7a3f3c8f053c305497d
    Size: 0.98 MB
  2. ldapjdk-4.23.0-1.module+el8+1557+b56b10a0.src.rpm
    MD5: b72820136b7420548554175a90baaba3
    SHA-256: 6d232833349e4826d4cfa0271f6a74b6c9047f5aafe0a76be31681369a94f56e
    Size: 2.83 MB
  3. pki-core-10.12.0-4.module+el8+1557+b56b10a0.src.rpm
    MD5: cb9b7a467a4b9693955512494c846db0
    SHA-256: 9d56a1d3c26b9fd6e1e2f65079295d51be6288cbc28c89a4ddc0adc625485ced
    Size: 10.50 MB
  4. tomcatjss-7.7.1-1.module+el8+1557+b56b10a0.src.rpm
    MD5: 99bf08811c042b0d042cfe527f481a77
    SHA-256: e68a1cdde627f6ac078d0553f74275155c37fa7adb9ec2493c0e0ca7e5a6def3
    Size: 41.77 kB

Asianux Server 8 for x86_64
  1. jss-4.9.4-1.module+el8+1557+b56b10a0.x86_64.rpm
    MD5: 10804bf5109a4f7bd407e5b897344f36
    SHA-256: 962fc0627c97e838b2ee681227d1d84e6e20e2adcc071f19c89fdc04f212758a
    Size: 1.18 MB
  2. jss-debugsource-4.9.4-1.module+el8+1557+b56b10a0.x86_64.rpm
    MD5: 16e89b922a3ce20c00a10afda063935c
    SHA-256: 970d82a957190c66d699fdc5238a3fa0ae9a4df38af8deb3a4252da91f1ddfa3
    Size: 146.88 kB
  3. jss-javadoc-4.9.4-1.module+el8+1557+b56b10a0.x86_64.rpm
    MD5: 7ac1b8197e87ee46b7c80bac7bd5f008
    SHA-256: 9b77bcfd09faa4ba09749382d27b8276f116a936e1ef126835b8520e9b2ce734
    Size: 1.00 MB
  4. ldapjdk-4.23.0-1.module+el8+1557+b56b10a0.noarch.rpm
    MD5: 0dc067deb820af498de47d33c1dde864
    SHA-256: d09fdce950e8e088cd4e86919001d7b56aff2c3498625f48cede3ce3c7c9389e
    Size: 321.78 kB
  5. ldapjdk-javadoc-4.23.0-1.module+el8+1557+b56b10a0.noarch.rpm
    MD5: f8dbc1cbca387481512f2631a28270fe
    SHA-256: 7a7607bdf6becc722480fceba79d6988da20e3b32c94c88c130b3b47b3051eff
    Size: 374.21 kB
  6. idm-pki-acme-10.12.0-4.module+el8+1557+b56b10a0.noarch.rpm
    MD5: f5ce10a6ca317f2a65dfb030ea1fb441
    SHA-256: b66d2994db72d02c7bbe20d6bcc290d46b30621e4f1fcac9590a3b4ba9829d9f
    Size: 0.99 MB
  7. idm-pki-base-10.12.0-4.module+el8+1557+b56b10a0.noarch.rpm
    MD5: 830014eee0823272796995daf21a2c7c
    SHA-256: a5731d94ab7c9518561df0cbdd4f606724433c3f022808bdef32fed8e9879124
    Size: 295.03 kB
  8. idm-pki-base-java-10.12.0-4.module+el8+1557+b56b10a0.noarch.rpm
    MD5: 92dbdb3b77990a5ae783751cf2e806e6
    SHA-256: 210e045e4a677bb5e42c88be11c3337d7e5ed428c1c6a9467bda3931112b2ad3
    Size: 666.61 kB
  9. idm-pki-ca-10.12.0-4.module+el8+1557+b56b10a0.noarch.rpm
    MD5: ce93710ce74ddbdf3c907f8c12c38e72
    SHA-256: bfe346f64d75eafac789a352e549240679bb0293f5aa7d204f4db34bbe4fb7df
    Size: 1.31 MB
  10. idm-pki-kra-10.12.0-4.module+el8+1557+b56b10a0.noarch.rpm
    MD5: 1a3c0bcadeb7968d86a749a5568acaf2
    SHA-256: a8e4b2a8274e58462e552926a79d1d5680ac78917b3ef3da7a4de95b9c3506bd
    Size: 288.90 kB
  11. idm-pki-server-10.12.0-4.module+el8+1557+b56b10a0.noarch.rpm
    MD5: 20b7f6bbc06f2e80d75fc3617e6abc36
    SHA-256: 995e4a7e10bad45efb91bfefa30c3e7964f3802c2f8a03f3822204d447bea0f4
    Size: 2.59 MB
  12. idm-pki-symkey-10.12.0-4.module+el8+1557+b56b10a0.x86_64.rpm
    MD5: d14c930ab11b61df9ed5bec2913a2270
    SHA-256: d4b1c4c31557a6642884a065ff21c3890e90e44ec4cf0eed6a7834d730897df2
    Size: 56.39 kB
  13. idm-pki-tools-10.12.0-4.module+el8+1557+b56b10a0.x86_64.rpm
    MD5: dc9d8a4cef662f23a95907095b382026
    SHA-256: 5ad27b04df804c0374e8dc5f2e0b00b78a185b9dfc9d0088c5e4ab66957e3e62
    Size: 794.59 kB
  14. pki-core-debugsource-10.12.0-4.module+el8+1557+b56b10a0.x86_64.rpm
    MD5: cdc7ab9334266882208b10433cf0efa8
    SHA-256: 6aa822dcb742276fc713fbeaafe66dcac8876b1ac4a93f17474e2314830cad52
    Size: 171.90 kB
  15. python3-idm-pki-10.12.0-4.module+el8+1557+b56b10a0.noarch.rpm
    MD5: fcdd3b26c62fac997e8b0c39e00e9fec
    SHA-256: 30a3166ec7b9526fb68651c99b1a65b5857b79017e1fe82c3e1146ee1bcdd97c
    Size: 165.83 kB
  16. tomcatjss-7.7.1-1.module+el8+1557+b56b10a0.noarch.rpm
    MD5: 7d2ed9012fd7dbd3836d62f9dbf98870
    SHA-256: 6247561dc27d955709d142bbddea3a18cc7697a9bd576f8fde2704f990fbb8c1
    Size: 38.14 kB