[ALSA-2020:4847] Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2020-11-03
Description:
The Public Key Infrastructure (PKI) Core contains fundamental packages required by AlmaLinux Certificate System. Security Fix(es): * jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * bootstrap: XSS in the data-target attribute (CVE-2016-10735) * bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040) * bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042) * bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331) * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) * jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022) * jquery: Passing HTML containing
Updated packages:
  • apache-commons-collections-3.2.2-10.module_el8.3.0+2058+6bf11631.noarch.rpm
  • apache-commons-lang-2.6-21.module_el8.3.0+2058+6bf11631.noarch.rpm
  • apache-commons-net-3.6-3.module_el8.3.0+2058+6bf11631.noarch.rpm
  • bea-stax-api-1.2.0-16.module_el8.3.0+2058+6bf11631.noarch.rpm
  • glassfish-fastinfoset-1.2.13-9.module_el8.3.0+2058+6bf11631.noarch.rpm
  • glassfish-jaxb-api-2.2.12-8.module_el8.3.0+2058+6bf11631.noarch.rpm
  • glassfish-jaxb-core-2.2.11-11.module_el8.3.0+2058+6bf11631.noarch.rpm
  • glassfish-jaxb-runtime-2.2.11-11.module_el8.3.0+2058+6bf11631.noarch.rpm
  • glassfish-jaxb-txw2-2.2.11-11.module_el8.3.0+2058+6bf11631.noarch.rpm
  • jackson-annotations-2.10.0-1.module_el8.3.0+2058+6bf11631.noarch.rpm
  • jackson-core-2.10.0-1.module_el8.3.0+2058+6bf11631.noarch.rpm
  • jackson-databind-2.10.0-1.module_el8.3.0+2058+6bf11631.noarch.rpm
  • jackson-jaxrs-json-provider-2.9.9-1.module_el8.3.0+2058+6bf11631.noarch.rpm
  • jackson-jaxrs-providers-2.9.9-1.module_el8.3.0+2058+6bf11631.noarch.rpm
  • jackson-module-jaxb-annotations-2.7.6-4.module_el8.3.0+2058+6bf11631.noarch.rpm
  • javassist-3.18.1-8.module_el8.3.0+2058+6bf11631.noarch.rpm
  • javassist-javadoc-3.18.1-8.module_el8.3.0+2058+6bf11631.noarch.rpm
  • python-nss-doc-1.0.1-10.module_el8.3.0+2058+6bf11631.x86_64.rpm
  • python3-nss-1.0.1-10.module_el8.3.0+2058+6bf11631.x86_64.rpm
  • relaxngDatatype-2011.1-7.module_el8.3.0+2058+6bf11631.noarch.rpm
  • resteasy-3.0.26-3.module_el8.3.0+2058+6bf11631.noarch.rpm
  • slf4j-1.7.25-4.module_el8.3.0+2058+6bf11631.noarch.rpm
  • slf4j-jdk14-1.7.25-4.module_el8.3.0+2058+6bf11631.noarch.rpm
  • stax-ex-1.7.7-8.module_el8.3.0+2058+6bf11631.noarch.rpm
  • velocity-1.7-24.module_el8.3.0+2058+6bf11631.noarch.rpm
  • xalan-j2-2.7.1-38.module_el8.3.0+2058+6bf11631.noarch.rpm
  • xerces-j2-2.11.0-34.module_el8.3.0+2058+6bf11631.noarch.rpm
  • xml-commons-apis-1.4.01-25.module_el8.3.0+2058+6bf11631.noarch.rpm
  • xml-commons-resolver-1.2-26.module_el8.3.0+2058+6bf11631.noarch.rpm
  • xmlstreambuffer-1.5.4-8.module_el8.3.0+2058+6bf11631.noarch.rpm
  • xsom-0-19.20110809svn.module_el8.3.0+2058+6bf11631.noarch.rpm
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.