RLSA-2022:7470 --- bea-staxID: oval:org.secpod.oval:def:4501148 | Date: (C)2023-04-03 (M)2023-08-11 |
Class: PATCH | Family: unix |
The Public Key Infrastructure Core contains fundamental packages required by Rocky Enterprise Software Foundation Certificate System. Security Fix: * pki-core: access to external entities when parsing XML can lead to XXE For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.
Product: |
bea-stax |
stax-ex |
glassfish-jaxb |
apache-commons-lang |
jackson-jaxrs-providers |
jackson-core |
jackson-annotations |
glassfish-fastinfoset |
ldapjdk |
xerces-j2 |
jakarta-commons-httpclient |
xmlstreambuffer |
xml-commons-apis |
resteasy |
apache-commons-collections |
python-nss |
apache-commons-net |
jackson-module-jaxb-annotations |
jss |
jackson-databind |
xalan-j2 |
relaxngDatatype |
tomcatjss |
xml-commons-resolver |
slf4j |
velocity |
javassist |
idm-pki-symkey |
idm-pki-tools |
python3-nss |
idm-pki-acme |
idm-pki-base |
idm-pki-ca |
idm-pki-kra |
idm-pki-server |
jackson-jaxrs-json-provider |
python3-idm-pki |
xsom |