Type: | SECURITY |
Severity: | MODERATE |
Release Date: | 2022-10-24 |
[10.5.18-23]
- ##########################################################################
- # RHEL 7.9 (Batch Update 18):
- ##########################################################################
- Bugzilla Bug #2107329 - CVE-2022-2414 pki-core: access to external
entities when parsing XML can lead to XXE [rhel-7.9.z] (ckelley, mharmsen)
- Bugzilla Bug #2111514 - CVE-2022-2393 pki-core: When using the
caServerKeygen_DirUserCert profile, user can get certificates for other
UIDs by entering name in Subject field [rhel-7.9] (cfu, ckelley)
- ##########################################################################
- # RHCS 9.7 (Batch Update 18):
- ##########################################################################
- Bugzilla Bug #2107325 - CVE-2022-2414 pki-core: access to external
entities when parsing XML can lead to XXE [certificate_system_9.7.z]
(ckelley, mharmsen)
- Bugzilla Bug #2111493 - CVE-2022-2393 pki-core: When using the
caServerKeygen_DirUserCert profile, user can get certificates for other
UIDs by entering name in Subject field [rhcs_9.7] (cfu, ckelley)
[10.5.18-22]
- ##########################################################################
- # RHEL 7.9 (Batch Update 17):
- ##########################################################################
- Bugzilla Bug #2107329 - CVE-2022-2414 pki-core: access to external
entities when parsing XML can lead to XXE [rhel-7.9.z] (ckelley, mharmsen)
- Bugzilla Bug #2111514 - CVE-2022-2393 pki-core: When using the
caServerKeygen_DirUserCert profile, user can get certificates for other
UIDs by entering name in Subject field [rhel-7.9] (cfu, ckelley)
- ##########################################################################
- # RHCS 9.7 (Batch Update 17):
- ##########################################################################
- Bugzilla Bug #2107325 - CVE-2022-2414 pki-core: access to external
entities when parsing XML can lead to XXE [certificate_system_9.7.z]
(ckelley, mharmsen)
- Bugzilla Bug #2111493 - CVE-2022-2393 pki-core: When using the
caServerKeygen_DirUserCert profile, user can get certificates for other
UIDs by entering name in Subject field [rhcs_9.7] (cfu, ckelley)
CVE-2022-2393 |
Release/Architecture | Filename | MD5sum | Superseded By Advisory |
Oracle Linux 7 (aarch64) | pki-core-10.5.18-23.el7_9.src.rpm | 13a98b7419048459b846a21c0b9292ef | - |
pki-base-10.5.18-23.el7_9.noarch.rpm | e71eb2481bd59e97637bb23261cefbd5 | - | |
pki-base-java-10.5.18-23.el7_9.noarch.rpm | 528ed9c71a193cef94245ec0b0e4bcea | - | |
pki-ca-10.5.18-23.el7_9.noarch.rpm | dd614de8e2b808d9f1e10a35d6d0da12 | - | |
pki-javadoc-10.5.18-23.el7_9.noarch.rpm | 7233e89ddc5fd21dfa576d4ef1075724 | - | |
pki-kra-10.5.18-23.el7_9.noarch.rpm | 43832b191008fc134e84dde7ed22883c | - | |
pki-server-10.5.18-23.el7_9.noarch.rpm | a757aec338b183881cdbce8accdd2d04 | - | |
pki-symkey-10.5.18-23.el7_9.aarch64.rpm | 7ed948334ddff6efaf007dfcbe946dfa | - | |
pki-tools-10.5.18-23.el7_9.aarch64.rpm | 86de058844f0733c8e2975b390f16cb0 | - | |
Oracle Linux 7 (x86_64) | pki-core-10.5.18-23.el7_9.src.rpm | 13a98b7419048459b846a21c0b9292ef | - |
pki-base-10.5.18-23.el7_9.noarch.rpm | e71eb2481bd59e97637bb23261cefbd5 | - | |
pki-base-java-10.5.18-23.el7_9.noarch.rpm | 528ed9c71a193cef94245ec0b0e4bcea | - | |
pki-ca-10.5.18-23.el7_9.noarch.rpm | dd614de8e2b808d9f1e10a35d6d0da12 | - | |
pki-javadoc-10.5.18-23.el7_9.noarch.rpm | 7233e89ddc5fd21dfa576d4ef1075724 | - | |
pki-kra-10.5.18-23.el7_9.noarch.rpm | 43832b191008fc134e84dde7ed22883c | - | |
pki-server-10.5.18-23.el7_9.noarch.rpm | a757aec338b183881cdbce8accdd2d04 | - | |
pki-symkey-10.5.18-23.el7_9.x86_64.rpm | 5c108f649a95e1a5903cff24ad2c5a4e | - | |
pki-tools-10.5.18-23.el7_9.x86_64.rpm | a4a492f89e84797d96f88dc7e4e9f0d8 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team