RHSA-2020:1644

Description

Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

CVSS Metrics

• v3.1•HIGH•Score: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•apache-commons-collections

  < 0:3.2.2-10.module+el8.1.0+3366+6dfb954c

• redhat•apache-commons-lang

  < 0:2.6-21.module+el8.1.0+3366+6dfb954c

• redhat•bea-stax

  < 0:1.2.0-16.module+el8.1.0+3366+6dfb954c

• redhat•bea-stax-api

  < 0:1.2.0-16.module+el8.1.0+3366+6dfb954c

• redhat•glassfish-fastinfoset

  < 0:1.2.13-9.module+el8.1.0+3366+6dfb954c

• redhat•glassfish-jaxb

  < 0:2.2.11-11.module+el8.1.0+3366+6dfb954c

• redhat•glassfish-jaxb-api

  < 0:2.2.12-8.module+el8.1.0+3366+6dfb954c

• redhat•glassfish-jaxb-core

  < 0:2.2.11-11.module+el8.1.0+3366+6dfb954c

• redhat•glassfish-jaxb-runtime

  < 0:2.2.11-11.module+el8.1.0+3366+6dfb954c

• redhat•glassfish-jaxb-txw2

  < 0:2.2.11-11.module+el8.1.0+3366+6dfb954c

• redhat•jackson-annotations

  < 0:2.10.0-1.module+el8.2.0+5059+3eb3af25

• redhat•jackson-core

  < 0:2.10.0-1.module+el8.2.0+5059+3eb3af25

• redhat•jackson-databind

  < 0:2.10.0-1.module+el8.2.0+5059+3eb3af25

• redhat•jackson-jaxrs-json-provider

  < 0:2.9.9-1.module+el8.1.0+3832+9784644d

• redhat•jackson-jaxrs-providers

  < 0:2.9.9-1.module+el8.1.0+3832+9784644d

• redhat•jackson-module-jaxb-annotations

  < 0:2.7.6-4.module+el8.1.0+3366+6dfb954c

• redhat•jakarta-commons-httpclient

  < 1:3.1-28.module+el8.1.0+3366+6dfb954c

• redhat•javassist

  < 0:3.18.1-8.module+el8.1.0+3366+6dfb954c

• redhat•javassist-javadoc

  < 0:3.18.1-8.module+el8.1.0+3366+6dfb954c

• redhat•jss

  < 0:4.6.2-4.module+el8.2.0+6123+b4678599

• redhat•jss-debuginfo

  < 0:4.6.2-4.module+el8.2.0+6123+b4678599

• redhat•jss-debugsource

  < 0:4.6.2-4.module+el8.2.0+6123+b4678599

• redhat•jss-javadoc

  < 0:4.6.2-4.module+el8.2.0+6123+b4678599

• redhat•ldapjdk

  < 0:4.21.0-2.module+el8.2.0+4573+c3c38c7b

• redhat•ldapjdk-javadoc

  < 0:4.21.0-2.module+el8.2.0+4573+c3c38c7b

• redhat•pki-base

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-base-java

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-ca

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-core

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-core-debuginfo

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-core-debugsource

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-kra

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-server

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-servlet-4.0-api

  < 1:9.0.7-16.module+el8.1.0+3366+6dfb954c

• redhat•pki-servlet-engine

  < 1:9.0.7-16.module+el8.1.0+3366+6dfb954c

• redhat•pki-symkey

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-symkey-debuginfo

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-tools

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•pki-tools-debuginfo

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•python-nss

  < 0:1.0.1-10.module+el8.1.0+3366+6dfb954c

• redhat•python-nss-debugsource

  < 0:1.0.1-10.module+el8.1.0+3366+6dfb954c

• redhat•python-nss-doc

  < 0:1.0.1-10.module+el8.1.0+3366+6dfb954c

• redhat•python3-nss

  < 0:1.0.1-10.module+el8.1.0+3366+6dfb954c

• redhat•python3-nss-debuginfo

  < 0:1.0.1-10.module+el8.1.0+3366+6dfb954c

• redhat•python3-pki

  < 0:10.8.3-1.module+el8.2.0+5925+bad5981a

• redhat•relaxngDatatype

  < 0:2011.1-7.module+el8.1.0+3366+6dfb954c

• redhat•resteasy

  < 0:3.0.26-3.module+el8.1.0+3366+6dfb954c

• redhat•slf4j

  < 0:1.7.25-4.module+el8.1.0+3366+6dfb954c

• redhat•slf4j-jdk14

  < 0:1.7.25-4.module+el8.1.0+3366+6dfb954c

• redhat•stax-ex

  < 0:1.7.7-8.module+el8.1.0+3366+6dfb954c

Showing first 50 affected entries in server-rendered view.

References (67)

• https://access.redhat.com/errata/RHSA-2020:1644
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
• https://bugzilla.redhat.com/show_bug.cgi?id=1535313
• https://bugzilla.redhat.com/show_bug.cgi?id=1655438
• https://bugzilla.redhat.com/show_bug.cgi?id=1656786
• https://bugzilla.redhat.com/show_bug.cgi?id=1698084
• https://bugzilla.redhat.com/show_bug.cgi?id=1744095
• https://bugzilla.redhat.com/show_bug.cgi?id=1755831
• https://bugzilla.redhat.com/show_bug.cgi?id=1755849
• https://bugzilla.redhat.com/show_bug.cgi?id=1758187
• https://bugzilla.redhat.com/show_bug.cgi?id=1758191
• https://bugzilla.redhat.com/show_bug.cgi?id=1767125
• https://bugzilla.redhat.com/show_bug.cgi?id=1767131
• https://bugzilla.redhat.com/show_bug.cgi?id=1775293
• https://bugzilla.redhat.com/show_bug.cgi?id=1777032
• https://bugzilla.redhat.com/show_bug.cgi?id=1782486
• https://bugzilla.redhat.com/show_bug.cgi?id=1795215
• https://bugzilla.redhat.com/show_bug.cgi?id=1802006
• https://bugzilla.redhat.com/show_bug.cgi?id=1806840
• https://bugzilla.redhat.com/show_bug.cgi?id=1807371
• https://bugzilla.redhat.com/show_bug.cgi?id=1807421
• https://bugzilla.redhat.com/show_bug.cgi?id=1809210
• https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1644.json
• https://access.redhat.com/security/cve/CVE-2019-14540
• https://www.cve.org/CVERecord?id=CVE-2019-14540
• https://nvd.nist.gov/vuln/detail/CVE-2019-14540
• https://access.redhat.com/security/cve/CVE-2019-16335
• https://www.cve.org/CVERecord?id=CVE-2019-16335
• https://nvd.nist.gov/vuln/detail/CVE-2019-16335
• https://access.redhat.com/security/cve/CVE-2019-16942
• https://www.cve.org/CVERecord?id=CVE-2019-16942
• https://nvd.nist.gov/vuln/detail/CVE-2019-16942
• https://access.redhat.com/security/cve/CVE-2019-16943
• https://www.cve.org/CVERecord?id=CVE-2019-16943
• https://nvd.nist.gov/vuln/detail/CVE-2019-16943
• https://access.redhat.com/security/cve/CVE-2019-17531
• https://www.cve.org/CVERecord?id=CVE-2019-17531
• https://nvd.nist.gov/vuln/detail/CVE-2019-17531
• https://access.redhat.com/security/cve/CVE-2019-20330
• https://bugzilla.redhat.com/show_bug.cgi?id=1793154
• https://www.cve.org/CVERecord?id=CVE-2019-20330
• https://nvd.nist.gov/vuln/detail/CVE-2019-20330
• https://access.redhat.com/security/cve/CVE-2020-8840
• https://bugzilla.redhat.com/show_bug.cgi?id=1816330
• https://www.cve.org/CVERecord?id=CVE-2020-8840
• https://nvd.nist.gov/vuln/detail/CVE-2020-8840
• https://access.redhat.com/security/cve/CVE-2020-9546
• https://bugzilla.redhat.com/show_bug.cgi?id=1816332
• https://www.cve.org/CVERecord?id=CVE-2020-9546
• https://nvd.nist.gov/vuln/detail/CVE-2020-9546
• https://access.redhat.com/security/cve/CVE-2020-9547
• https://bugzilla.redhat.com/show_bug.cgi?id=1816337
• https://www.cve.org/CVERecord?id=CVE-2020-9547
• https://nvd.nist.gov/vuln/detail/CVE-2020-9547
• https://access.redhat.com/security/cve/CVE-2020-9548
• https://bugzilla.redhat.com/show_bug.cgi?id=1816340
• https://www.cve.org/CVERecord?id=CVE-2020-9548
• https://nvd.nist.gov/vuln/detail/CVE-2020-9548
• https://access.redhat.com/security/cve/CVE-2020-10672
• https://bugzilla.redhat.com/show_bug.cgi?id=1815495
• https://www.cve.org/CVERecord?id=CVE-2020-10672
• https://nvd.nist.gov/vuln/detail/CVE-2020-10672
• https://access.redhat.com/security/cve/CVE-2020-10673
• https://bugzilla.redhat.com/show_bug.cgi?id=1815470
• https://www.cve.org/CVERecord?id=CVE-2020-10673
• https://nvd.nist.gov/vuln/detail/CVE-2020-10673