Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2019:3225 - Security Advisory
Issued:
2019-10-29
Updated:
2019-10-29

RHSA-2019:3225 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: jss security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for jss is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Java Security Services (JSS) provides an interface between Java Virtual Machine and Network Security Services (NSS). It supports most of the security standards and encryption technologies supported by NSS including communication through SSL/TLS network protocols. JSS is primarily utilized by the Certificate Server as a part of the Identity Management System.

Security Fix(es):

  • JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate (CVE-2019-14823)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 7.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6 x86_64
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1747435 - CVE-2019-14823 JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate

CVEs

  • CVE-2019-14823

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
x86_64
jss-4.4.4-6.el7_6.x86_64.rpm SHA-256: 6dcf67b0c3ba7918b27cad2349153e9f896bc78f033bb6a423f2a58fefc815a8
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-javadoc-4.4.4-6.el7_6.x86_64.rpm SHA-256: 804fbc340313da6e9aa0e759176ede80e578b168b92b490aa5648f9748218cab

Red Hat Enterprise Linux Server - AUS 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
x86_64
jss-4.4.4-6.el7_6.x86_64.rpm SHA-256: 6dcf67b0c3ba7918b27cad2349153e9f896bc78f033bb6a423f2a58fefc815a8
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-javadoc-4.4.4-6.el7_6.x86_64.rpm SHA-256: 804fbc340313da6e9aa0e759176ede80e578b168b92b490aa5648f9748218cab

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
s390x
jss-4.4.4-6.el7_6.s390x.rpm SHA-256: dcd9a9f9e4f93a8011c3556b626875493363b2fae877e74f6081763426b9bb66
jss-debuginfo-4.4.4-6.el7_6.s390x.rpm SHA-256: 0e9f6f5e91649581afcebe1edf600283a3f7c13326dd40188c4cb34233098885
jss-debuginfo-4.4.4-6.el7_6.s390x.rpm SHA-256: 0e9f6f5e91649581afcebe1edf600283a3f7c13326dd40188c4cb34233098885
jss-javadoc-4.4.4-6.el7_6.s390x.rpm SHA-256: 4757b041c2c4dfc5d7548efa64b5cc7ce4f4f26967bc26e54d2a7bd32019b7af

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
ppc64
jss-4.4.4-6.el7_6.ppc64.rpm SHA-256: 98bc365b7925774e628d8445d28dd92c8dd3c663b5862632149d9101f89f70b0
jss-debuginfo-4.4.4-6.el7_6.ppc64.rpm SHA-256: df94ea1ed4752941a669a02267414d434d09ebebb93b69b1e733d5186194b00a
jss-debuginfo-4.4.4-6.el7_6.ppc64.rpm SHA-256: df94ea1ed4752941a669a02267414d434d09ebebb93b69b1e733d5186194b00a
jss-javadoc-4.4.4-6.el7_6.ppc64.rpm SHA-256: ee7fa362829f51ceaddb2d4ccd4bcfcf5f09dff07b3b049fa96b491484f19ee1

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
ppc64le
jss-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 5e5394d74744f3ce0c0cafcacb68985f66b4d2d5b13691039b69e13b474b4ac2
jss-debuginfo-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 14939ca8eab6f06a3a1489bd3455159be44f7ae2de01c02fc478319dd162d8bf
jss-debuginfo-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 14939ca8eab6f06a3a1489bd3455159be44f7ae2de01c02fc478319dd162d8bf
jss-javadoc-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 2d02bfc729bc0a26d7a0f369765666c4e263d936615c7b8740dbaf7bdb00e6c7

Red Hat Enterprise Linux Server - TUS 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
x86_64
jss-4.4.4-6.el7_6.x86_64.rpm SHA-256: 6dcf67b0c3ba7918b27cad2349153e9f896bc78f033bb6a423f2a58fefc815a8
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-javadoc-4.4.4-6.el7_6.x86_64.rpm SHA-256: 804fbc340313da6e9aa0e759176ede80e578b168b92b490aa5648f9748218cab

Red Hat Enterprise Linux for ARM 64 7

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
aarch64
jss-4.4.4-6.el7_6.aarch64.rpm SHA-256: 97370d117a997ea50f1564107b1ae177c7209bda76754427523f5641dd180395
jss-debuginfo-4.4.4-6.el7_6.aarch64.rpm SHA-256: 366af25fb6cfc050d104630359a2a3d0e6e789158f68f00538e320c775e8ebb4
jss-debuginfo-4.4.4-6.el7_6.aarch64.rpm SHA-256: 366af25fb6cfc050d104630359a2a3d0e6e789158f68f00538e320c775e8ebb4
jss-javadoc-4.4.4-6.el7_6.aarch64.rpm SHA-256: c5883e1b385bc6d1ab93874baef4a08838d54ab0470f300146be43273afb3861

Red Hat Enterprise Linux for Power 9 7

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
ppc64le
jss-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 5e5394d74744f3ce0c0cafcacb68985f66b4d2d5b13691039b69e13b474b4ac2
jss-debuginfo-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 14939ca8eab6f06a3a1489bd3455159be44f7ae2de01c02fc478319dd162d8bf
jss-debuginfo-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 14939ca8eab6f06a3a1489bd3455159be44f7ae2de01c02fc478319dd162d8bf
jss-javadoc-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 2d02bfc729bc0a26d7a0f369765666c4e263d936615c7b8740dbaf7bdb00e6c7

Red Hat Enterprise Linux EUS Compute Node 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
x86_64
jss-4.4.4-6.el7_6.x86_64.rpm SHA-256: 6dcf67b0c3ba7918b27cad2349153e9f896bc78f033bb6a423f2a58fefc815a8
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-javadoc-4.4.4-6.el7_6.x86_64.rpm SHA-256: 804fbc340313da6e9aa0e759176ede80e578b168b92b490aa5648f9748218cab

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
ppc64le
jss-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 5e5394d74744f3ce0c0cafcacb68985f66b4d2d5b13691039b69e13b474b4ac2
jss-debuginfo-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 14939ca8eab6f06a3a1489bd3455159be44f7ae2de01c02fc478319dd162d8bf
jss-debuginfo-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 14939ca8eab6f06a3a1489bd3455159be44f7ae2de01c02fc478319dd162d8bf
jss-javadoc-4.4.4-6.el7_6.ppc64le.rpm SHA-256: 2d02bfc729bc0a26d7a0f369765666c4e263d936615c7b8740dbaf7bdb00e6c7

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
x86_64
jss-4.4.4-6.el7_6.x86_64.rpm SHA-256: 6dcf67b0c3ba7918b27cad2349153e9f896bc78f033bb6a423f2a58fefc815a8
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-debuginfo-4.4.4-6.el7_6.x86_64.rpm SHA-256: 41ddab25956670270e3ee02b43426ea81a3a4a5205e32468077c390a070b31b6
jss-javadoc-4.4.4-6.el7_6.x86_64.rpm SHA-256: 804fbc340313da6e9aa0e759176ede80e578b168b92b490aa5648f9748218cab

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
jss-4.4.4-6.el7_6.src.rpm SHA-256: d156e1ff692fef07ea8629ec8f339a0d48c51593be696d9850b9b72ad50bf11d
s390x
jss-4.4.4-6.el7_6.s390x.rpm SHA-256: dcd9a9f9e4f93a8011c3556b626875493363b2fae877e74f6081763426b9bb66
jss-debuginfo-4.4.4-6.el7_6.s390x.rpm SHA-256: 0e9f6f5e91649581afcebe1edf600283a3f7c13326dd40188c4cb34233098885
jss-debuginfo-4.4.4-6.el7_6.s390x.rpm SHA-256: 0e9f6f5e91649581afcebe1edf600283a3f7c13326dd40188c4cb34233098885
jss-javadoc-4.4.4-6.el7_6.s390x.rpm SHA-256: 4757b041c2c4dfc5d7548efa64b5cc7ce4f4f26967bc26e54d2a7bd32019b7af

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility