ELSA-2018-1979

ELSA-2018-1979 - pki-core security, bug fix, and enhancement update

Type: SECURITY
Impact: MODERATE
Release Date: 2018-06-27

Description


[10.5.1-13.1]
- Rebuild due to build system database problem

[10.5.1-13]
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1553068 - Using a Netmask produces an odd
entry in a certificate [rhel-7.5.z] (ftweedal)
- Bugzilla Bug #1585945 - CMC CRMF requests result in
InvalidKeyFormatException when signing algorithm is ECC
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1587826 - ExternalCA: Installation failed during
csr generation with ecc [rhel-7.5.z] (rrelyea, gkapoor)
- Bugzilla Bug #1588944 - Cert validation for installation with
external CA cert [rhel-7.5.z] (edewata)
- Bugzilla Bug #1588945 - CRMFPopClient tool - should allow
option to do no key archival (cfu)
- Bugzilla Bug #1589307 - CVE-2018-1080 pki-core: Mishandled
ACL configuration in AAclAuthz.java reverses rules that allow
and deny access [rhel-7.5.z] (ftweedal, cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,

[10.5.1-12]
- Updated 'jss' build and runtime requirements (mharmsen)
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1571582 - [MAN] Missing Man pages for tools CMCRequest,
CMCResponse, CMCSharedToken (typos) [rhel-7.5.z] (cfu)
- Bugzilla Bug #1572548 - IPA install with external-CA is failing when
FIPS mode enabled. [rhel-7.5.z] (edewata)
- Bugzilla Bug #1574848 - servlet profileSubmitCMCSimple throws NPE
[rhel-7.5.z] (cfu)
- Bugzilla Bug #1575521 - subsystem -> subsystem SSL handshake issue
with TLS_ECDHE_RSA_* on Thales HSM [rhel-7.5.z] (cfu)
- Bugzilla Bug #1581134 - ECC installation for non CA subsystems needs
improvement [rhel-7.5.z] (jmagne)
- Bugzilla Bug #1581135 - SAN in internal SSL server certificate in
pkispawn configuration step [rhel-7.5.z] (cfu)
- Bugzilla Bug #1581167 - CC: CMC profiles: Some CMC profiles have wrong
input class_id [rhel-7.5.z] (cfu)
- Bugzilla Bug #1581382 - ECDSA Certificates Generated by Certificate System
9.3 fail NIST validation test with parameter field. [rhel-7.5.z] (cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1471303 - Rebase redhat-pki, redhat-pki-theme, pki-core,

[10.5.1-11]
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1554726 - Need ECC-specific Enrollment Profiles for
standard conformance [rhel-7.5.z] (cfu)
- Bugzilla Bug #1557880 - [MAN] Missing Man pages for tools
CMCRequest, CMCResponse, CMCSharedToken [rhel-7.5.z] (cfu)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1560233 - libtps does not directly depend on libz

[10.5.1-10]
- ##########################################################################
- # RHEL 7.5:
- ##########################################################################
- Bugzilla Bug #1550581 - CMCAuth throws
org.mozilla.jss.crypto.TokenException: Unable to insert certificate into
temporary database [rhel-7.5.z] (cfu)
- Bugzilla Bug #1551067 - [MAN] Add --skip-configuration
and --skip-installation into pkispawn man page. [rhel-7.5.z] (edewata)
- Bugzilla Bug #1552241 - Make sslget aware of TLSv1_2 ciphers
[rhel-7.5.z] (cheimes, mharmsen)
- Bugzilla Bug #1553068 - Using a Netmask produces an odd entry
in a certificate [rhel-7.5.z] (ftweedal)
- Bugzilla Bug #1554726 - Need ECC-specific Enrollment Profiles for
standard conformance [rhel-7.5.z] (cfu)
- Bugzilla Bug #1554727 - Permit additional FIPS ciphers to be enabled
by default for RSA . . . [rhel-7.5.z] (mharmsen, cfu)
- Bugzilla Bug #1557880 - [MAN] Missing Man pages for tools
CMCRequest, CMCResponse, CMCSharedToken [rhel-7.5.z] (cfu)
- Bugzilla Bug #1557883 - Console: Adding ACL from pki-console gives
StringIndexOutOfBoundsException [rhel-7.5.z] (ftweedal)
- Bugzilla Bug #1558919 - Not able to generate certificate request
with ECC using pki client-cert-request [rhel-7.5.z] (akahat)
- ##########################################################################
- # RHCS 9.3:
- ##########################################################################
- # Bugzilla Bug #1560233 - libtps does not directly depend on libz


Related CVEs


CVE-2018-1080

Updated Packages


Release/Architecture      Filename                                      Superseded By Advisory  Channel Label
Oracle Linux 7 (aarch64)  pki-core-10.5.1-13.1.el7_5.src.rpm            ELSA-2024-4222          ol7_aarch64_latest
                          pki-core-10.5.1-13.1.el7_5.src.rpm            ELSA-2024-4222          ol7_aarch64_optional_latest
                          pki-base-10.5.1-13.1.el7_5.noarch.rpm         ELSA-2024-4222          ol7_aarch64_latest
                          pki-base-java-10.5.1-13.1.el7_5.noarch.rpm    ELSA-2024-4222          ol7_aarch64_latest
                          pki-ca-10.5.1-13.1.el7_5.noarch.rpm           ELSA-2024-4222          ol7_aarch64_latest
                          pki-javadoc-10.5.1-13.1.el7_5.noarch.rpm      ELSA-2024-4222          ol7_aarch64_optional_latest
                          pki-kra-10.5.1-13.1.el7_5.noarch.rpm          ELSA-2024-4222          ol7_aarch64_latest
                          pki-server-10.5.1-13.1.el7_5.noarch.rpm       ELSA-2024-4222          ol7_aarch64_latest
                          pki-symkey-10.5.1-13.1.el7_5.aarch64.rpm      ELSA-2024-4222          ol7_aarch64_latest
                          pki-tools-10.5.1-13.1.el7_5.aarch64.rpm       ELSA-2024-4222          ol7_aarch64_latest
Oracle Linux 7 (x86_64)   pki-core-10.5.1-13.1.el7_5.src.rpm            ELSA-2024-4222          ol7_x86_64_latest
                          pki-core-10.5.1-13.1.el7_5.src.rpm            ELSA-2024-4222          ol7_x86_64_optional_archive
                          pki-core-10.5.1-13.1.el7_5.src.rpm            ELSA-2024-4222          ol7_x86_64_optional_latest
                          pki-core-10.5.1-13.1.el7_5.src.rpm            ELSA-2024-4222          ol7_x86_64_u5_patch
                          pki-base-10.5.1-13.1.el7_5.noarch.rpm         ELSA-2024-4222          ol7_x86_64_latest
                          pki-base-10.5.1-13.1.el7_5.noarch.rpm         ELSA-2024-4222          ol7_x86_64_u5_patch
                          pki-base-java-10.5.1-13.1.el7_5.noarch.rpm    ELSA-2024-4222          ol7_x86_64_latest
                          pki-base-java-10.5.1-13.1.el7_5.noarch.rpm    ELSA-2024-4222          ol7_x86_64_u5_patch
                          pki-ca-10.5.1-13.1.el7_5.noarch.rpm           ELSA-2024-4222          ol7_x86_64_latest
                          pki-ca-10.5.1-13.1.el7_5.noarch.rpm           ELSA-2024-4222          ol7_x86_64_u5_patch
                          pki-javadoc-10.5.1-13.1.el7_5.noarch.rpm      ELSA-2024-4222          ol7_x86_64_optional_archive
                          pki-javadoc-10.5.1-13.1.el7_5.noarch.rpm      ELSA-2024-4222          ol7_x86_64_optional_latest
                          pki-kra-10.5.1-13.1.el7_5.noarch.rpm          ELSA-2024-4222          ol7_x86_64_latest
                          pki-kra-10.5.1-13.1.el7_5.noarch.rpm          ELSA-2024-4222          ol7_x86_64_u5_patch
                          pki-server-10.5.1-13.1.el7_5.noarch.rpm       ELSA-2024-4222          ol7_x86_64_latest
                          pki-server-10.5.1-13.1.el7_5.noarch.rpm       ELSA-2024-4222          ol7_x86_64_u5_patch
                          pki-symkey-10.5.1-13.1.el7_5.x86_64.rpm       ELSA-2024-4222          ol7_x86_64_latest
                          pki-symkey-10.5.1-13.1.el7_5.x86_64.rpm       ELSA-2024-4222          ol7_x86_64_u5_patch
                          pki-tools-10.5.1-13.1.el7_5.x86_64.rpm        ELSA-2024-4222          ol7_x86_64_latest
                          pki-tools-10.5.1-13.1.el7_5.x86_64.rpm        ELSA-2024-4222          ol7_x86_64_u5_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.
