The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab (CVE-2019-10178)
pki-core: unsanitized token parameters in TPS resulting in stored XSS (CVE-2019-10180)
pki-core: Stored XSS in TPS profile creation (CVE-2020-1696)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Update Batch Update Information to Version 20 [RHCS 9.4.z] (BZ#1931149)
Not able to launch pkiconsole – RHEL 7.6.z backport request [RHCS 9.4.z] (BZ#1931718)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | pki-tps | < 10.5.9-15.el7pki | pki-tps-10.5.9-15.el7pki.x86_64.rpm |
RedHat | 7 | noarch | pki-ocsp | < 10.5.9-15.el7pki | pki-ocsp-10.5.9-15.el7pki.noarch.rpm |
RedHat | 7 | noarch | pki-tks | < 10.5.9-15.el7pki | pki-tks-10.5.9-15.el7pki.noarch.rpm |
RedHat | 7 | x86_64 | pki-core-debuginfo | < 10.5.9-15.el7pki | pki-core-debuginfo-10.5.9-15.el7pki.x86_64.rpm |
RedHat | 7 | noarch | redhat-pki-server-theme | < 10.5.9-5.el7pki | redhat-pki-server-theme-10.5.9-5.el7pki.noarch.rpm |
RedHat | 7 | noarch | pki-console | < 10.5.9-2.el7pki | pki-console-10.5.9-2.el7pki.noarch.rpm |
RedHat | 7 | noarch | idm-console-framework | < 1.1.17-4.el7dsrv | idm-console-framework-1.1.17-4.el7dsrv.noarch.rpm |
RedHat | 7 | noarch | redhat-pki-console-theme | < 10.5.9-5.el7pki | redhat-pki-console-theme-10.5.9-5.el7pki.noarch.rpm |