Issued:: 2024-07-02
Updated:: 2024-07-02

RHSA-2024:4223 - Security Advisory

Overview
Updated Packages

Synopsis

Important: Red Hat Certificate System security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pki-core and redhat-pki-theme is now available for Red Hat Certificate System 9.7 for RHEL 7.9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Certificate System is a complete implementation of an enterprise
software system designed to manage enterprise public key infrastructure
(PKI) deployments.

Bug fix(es):

Coolkey Hardcoded RSA Max Key Size (BZ#2047831)
Add Secure Channel Support for AES-256 Keys (BZ#2121463)
TPS missing Host header field in HTTP/1.1 request

message (BZ#2177785)

Add AES support for TMS server-side keygen on latest

HSM / FIPS environment (BZ#2180920)

Make key wrapping algorithm configurable

between AES-KWP and AES-CBC (BZ#2233158)

pkidestroy log keeps HSM token password (BZ#2253682)
Add Support for Symmetric Key Rollover (BZ#2265180)

Users of Red Hat Certificate System are advised to install these updated packages.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Certificate System 9 x86_64

Fixes

(none)

CVEs

(none)

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Certificate System 9

SRPM
pki-core-10.5.18-32.el7pki.src.rpm	SHA-256: 08707b749f850bbaa15049da6f1cd29664fb5de8d0bf5e13517fffd52a7f76a6
redhat-pki-theme-10.5.18-20.el7pki.src.rpm	SHA-256: 893c27ee2e5dd332358d631add5207529adc0846ce695022817c177e982c2f15
x86_64
pki-core-debuginfo-10.5.18-32.el7pki.x86_64.rpm	SHA-256: d70a976dd2026226b85c7e6b9e09143bc7371ee77d8b399ef75dc682c417a4a0
pki-ocsp-10.5.18-32.el7pki.noarch.rpm	SHA-256: 1ab35818b13b10e00a0dcd9963591418a78161984823c1b7a6eb2d48830a0af9
pki-tks-10.5.18-32.el7pki.noarch.rpm	SHA-256: 5f504e66f9e420dafe9004753b1c840c2aec5cae7f603558a75a00949292e1e2
pki-tps-10.5.18-32.el7pki.x86_64.rpm	SHA-256: d70f674bf070ac941b0ddae3f9e1dba25d3a016065fbb29fa5a141fd0c05a868
redhat-pki-console-theme-10.5.18-20.el7pki.noarch.rpm	SHA-256: f03efb32d1656d09b9f350eb1d812032dc7d6866e9782dd87b52be53dafcea0f
redhat-pki-server-theme-10.5.18-20.el7pki.noarch.rpm	SHA-256: a0b6f5791eec73969e571b3e128ab4b1dc6d2fd11ea9f8fb4028a32ccd42ad56

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation