[ALSA-2024:3061] Moderate: pki-core:10.6 and pki-deps:10.6 security update
Type:
security
Severity:
moderate
Release date:
2024-05-29
Description:
The Public Key Infrastructure (PKI) Core contains fundamental packages required by AlmaLinux Certificate System. Security Fix(es): * jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch Packages/xmlstreambuffer-1.5.4-8.module_el8.5.0+2577+9e95fe00.noarch.rpm 05648f42fce41f399dfe350b66a8b0e8f403b21ba77f3288ec612c6f7575b5ca
noarch Packages/jakarta-commons-httpclient-3.1-28.module_el8.5.0+2577+9e95fe00.noarch.rpm 10bd8b35a7627089633a2b991411dbde04fc44bce205e99a070803b525ac27a8
noarch Packages/relaxngDatatype-2011.1-7.module_el8.5.0+2577+9e95fe00.noarch.rpm 33ef1dca728f64a392ffadafb9a0ca9d0b5d6ac4e6482b99206cda2c92c97d12
noarch fasterxml-oss-parent-49-1.module_el8.10.0+3791+e0637953.noarch.rpm 3a35d41e06bb31fc941c1dea41e618b5824ad1766ef2e62ed1419484660d69f5
noarch Packages/apache-commons-collections-3.2.2-10.module_el8.5.0+2577+9e95fe00.noarch.rpm 3cfda9d7dd99102c7b29705a732b41950cf92f90078f7555fc253989bc0782a0
noarch Packages/javassist-3.18.1-8.module_el8.5.0+2577+9e95fe00.noarch.rpm 432ef2e90a105aa946ad452af5ad9f13004ac3a8ab7647254cad7a4dbd433554
noarch Packages/xml-commons-resolver-1.2-26.module_el8.5.0+2577+9e95fe00.noarch.rpm 4649adc067659e2a6078eb08f1686d9cbc2a8810277009d801b256853d83186b
noarch glassfish-jaxb-core-2.2.11-12.module_el8.10.0+3791+e0637953.noarch.rpm 477a47687a21585315f4689a51288631d5fbac847b6673fba9f274890712a70a
noarch pki-servlet-engine-9.0.62-1.module_el8.10.0+3791+e0637953.noarch.rpm 532c855c94c4c589650554fdca9b4a4273dbb7c39b9840babd880c237ced690c
noarch Packages/xerces-j2-2.11.0-34.module_el8.5.0+2577+9e95fe00.noarch.rpm 553918f29e8ed7083f15f8f6b1630abb1d99dd32197a81f8aa15f6bedb2b30f4
noarch Packages/velocity-1.7-24.module_el8.5.0+2577+9e95fe00.noarch.rpm 5a6eee4a0135a0538b924361376c7a22936d4c43dec3defb83eed5b3bb1e2897
noarch Packages/xalan-j2-2.7.1-38.module_el8.5.0+2577+9e95fe00.noarch.rpm 5e01e9a7a21bd38e4949ec1366498734538cdb68e247e8d88bdaf0ef50802941
noarch Packages/slf4j-jdk14-1.7.25-4.module_el8.5.0+2577+9e95fe00.noarch.rpm 5f436c322a1b3aad14621f8b6e6bec715184284b492c3ff60591f0d8bec3ffde
noarch jackson-parent-2.14-1.module_el8.10.0+3791+e0637953.noarch.rpm 66bc54cf5299c55c1bc4fb32a02219f89e1f2922d64c069493e4f5e708c5bd79
noarch glassfish-jaxb-txw2-2.2.11-12.module_el8.10.0+3791+e0637953.noarch.rpm 6a6d9268a508987cc0336c3494e5657095dba3e655f1225b7fa7128dc097887f
noarch Packages/bea-stax-api-1.2.0-16.module_el8.5.0+2577+9e95fe00.noarch.rpm 6d944b415c59e5519365c59135ffef18839255c479277d2701d01e0500192256
noarch jackson-core-2.14.2-1.module_el8.10.0+3791+e0637953.noarch.rpm 7608e0ecc590c1db12ea7f18362cd4650922b184d14cc817ff275748ed0acc3c
noarch glassfish-jaxb-runtime-2.2.11-12.module_el8.10.0+3791+e0637953.noarch.rpm 7eeafc54dba1be4f10984f2ad8dd2430740d7c134a735d41d95eb83becf36033
noarch Packages/xml-commons-apis-1.4.01-25.module_el8.5.0+2577+9e95fe00.noarch.rpm 8b391528f92eddaaf0a0dc3f634718c438659c3f97dd0d7d7131ce9d8090be64
noarch Packages/glassfish-fastinfoset-1.2.13-9.module_el8.5.0+2577+9e95fe00.noarch.rpm b5cab09d52a8dc6754f3b7bc81d80d8dc4478417ca882c36785c2cc6a9253ce3
noarch Packages/glassfish-jaxb-api-2.2.12-8.module_el8.5.0+2577+9e95fe00.noarch.rpm beb7a887367ef8539a8eb20d5a62e1351577f84cc665b8f955d2cf96b5780024
noarch Packages/slf4j-1.7.25-4.module_el8.5.0+2577+9e95fe00.noarch.rpm c109b72a68915ed0cf53730c115d81ce088f19ac2582206dff3642c5076b3f17
noarch Packages/apache-commons-lang-2.6-21.module_el8.5.0+2577+9e95fe00.noarch.rpm c1cbb22cc5abd53350cd3fd27187e0c988d3872f91ec160039b3ad02565d2b50
noarch jackson-jaxrs-json-provider-2.14.2-1.module_el8.10.0+3791+e0637953.noarch.rpm c450d963735fe43761d2dddd9abdeef99ff82570f10022d85eb697af64968b79
noarch Packages/apache-commons-net-3.6-3.module_el8.5.0+2577+9e95fe00.noarch.rpm ca766bb12ea0913e34efd576f86e1d24cf3583f9c2b403135af543a61d8e81ea
noarch Packages/javassist-javadoc-3.18.1-8.module_el8.5.0+2577+9e95fe00.noarch.rpm d07761752107a818daea7ef556c2681fd35efa739687f7942f851ffc835dedb1
noarch Packages/xsom-0-19.20110809svn.module_el8.5.0+2577+9e95fe00.noarch.rpm d373cee4cbd659168ea847d6d2d6429859b6d8c9c41877d6d25a93b30cc2362a
noarch jackson-module-jaxb-annotations-2.14.2-2.module_el8.10.0+3791+e0637953.noarch.rpm d37c6424164848c66b8fbd872c9738537e9409244e0311ce1a7d3bc1e0de9093
noarch jackson-jaxrs-providers-2.14.2-1.module_el8.10.0+3791+e0637953.noarch.rpm d5d65e7ed5e3049a12757d45c69372580e18505aa09ddbc72ead48c4a38cc025
noarch jackson-annotations-2.14.2-1.module_el8.10.0+3791+e0637953.noarch.rpm d92ccc6d7c5d27978b2931e191a1462da2641ed8405988fb4da16994c670b43e
noarch Packages/stax-ex-1.7.7-8.module_el8.5.0+2577+9e95fe00.noarch.rpm df93c43fcc001714d329e6035685b00548226c69384543a54f57a08a53a4fdd2
noarch jackson-bom-2.14.2-1.module_el8.10.0+3791+e0637953.noarch.rpm e7f772934278d583b5ffdade861b258651ee2094a7238654dac63765232ace26
noarch jackson-modules-base-2.14.2-2.module_el8.10.0+3791+e0637953.noarch.rpm f86650afc1cae3eb79518b2027d3a7ce2c9988485dd9459cae5abde96eec9135
noarch jackson-databind-2.14.2-1.module_el8.10.0+3791+e0637953.noarch.rpm fcca039d6c09d06b48bba5e0ee69fbe2bd7fe9b45ec81d4ae0180b6f42c84e82
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.