Red Hat Product Errata RHSA-2024:8567 - Security Advisory
Issued:
2024-10-29
Updated:
2024-10-29

RHSA-2024:8567 - Security Advisory

Synopsis

Important: pki-deps:10.6 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.

Security Fix(es):

  • tomcat: Denial of Service in Tomcat (CVE-2024-38286)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

  • BZ - 2314686 - CVE-2024-38286 tomcat: Denial of Service in Tomcat

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 8808d86cf51fbacb8385c8ab63619325a63a5b9c01d511b20f8116963d3ecd25
apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 8d21f5d5b04d5f6115278eb5610c074914188e978c7f3e4ba4efa9af9a90552a
bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 6df5604c39f96f7bc1f72c2704d8af3e910773675f41751eeab3e92844c4f266
glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 54904a53c89d2e4c6b4500e3ccfbb15a21d01087d651f36f01c155ed88637934
glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: fefd1ddbf106bf9e6c091f61a4215030c4db3c53068ef29f60f05abe36c4e4ac
glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 4533ff42e7e841e1e1103d65a11509cc85a119c839109af0ff6df0c07b3a3e56
jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm SHA-256: 2e280a01c9ed8a10054ff0f98eb806f4ead383cc4e2fcc73c0d5bb459fa8d74f
jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm SHA-256: 532fe713664d6220577c6d5319e1ab4d8ea84fa637835c8b8da3587eda2a9adb
jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm SHA-256: f69003dc66a7ff74b2716c1aa353c4d94efaab234751911d5255996e5cc6f1f3
jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm SHA-256: 01e24d7e4f08094c1e2c52ead24c8271da83e722924ff0ef6d5e70254bf964de
jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 80136ff90b80351dde5e394b4b8a6339ff4fa91b9f3ce08d4bdb910aa959b573
jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 50276786098d4b9f278949f2d29cc3f9c803519053acfd5446289741d61fa9be
javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: f7758844e90881da0ab7cf51f23766930102407063cb133056781b8ec7cdd328
pki-servlet-engine-9.0.7-16.module+el8.2.0+22384+93cade87.1.src.rpm SHA-256: f9ddfaccad3ac175cd1d94b7e2a35914425c75f30291f1319c5c1ba69e497276
python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 78de9422d12b295fa42e145dd6b9ba8fd9394ca98976199c70f4f03656242170
relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 56290e8587b6a8a88ba2f7e05c7e629562889565430cd7d45622515ac3e7a1e0
resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm SHA-256: eafc9673c307e0cbf096ab9a658ea4a07567d91d119526fd7afe4239fbe5e2dd
slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 9658c2a5e83e3db3e37c4bc43de7cb3ccac3e07d814c64d8fd872e5cb3cdc0a2
stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm SHA-256: b1f9e5823d9629fb58bbb3722d40015b5e9c4a1acde507bdcb60fcd24f9ac806
velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 2d66b2fc4920e5c656bc6b0cf0669634ae0854f3f5fbce481ba6b73c8fcba83f
xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: ebd234a3e289cbc121b7224bde246ae06348d0d1b5c763c54aa22b13389d93e3
xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 1e8befbd26490fbd854478e1ec42345ac6fbe56299797abcd0bc847536ba7c20
xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 13c235e3991694ed5d0b937514da067bc7ef249e5d3cd0b875e7468ec422688d
xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 9be8f11924dfb904c88ca012ccd8ca45bbca025b54cfecf6f894a16385dee090
xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm SHA-256: 94083d7550925a1eecd68c53c168432d55afeb67d9bc0eae4a9545060b57df13
xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm SHA-256: 5c5c569ee17f3b125d907202af3940d3b870f49e205e6e3af7eca3b90357b1fd
x86_64
apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 61032ccfc3d125b1882c55dfc06101098b149aaaf78261f4d78104819b67e654
apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 324413ffde38b0e68fb4633ae751e74f06dd29d9845cc394dd75234a1c67534c
bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 5698297dddd2ffe6cb398bf43338f3153040c3e47c40e7cd271fa88076240e11
glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 59b0c5aee838fc3f60c471fd22a62c7bf7b3e7be3bc1e90f438d93652edae755
glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 230eccdbf84113f5dce6f26c5da178a7234b43620e779f4a6c71a18aa3ded1aa
glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: bf8be858f41d6742b74511b5f9ebacd9749a35c42c715c0d49ce7325de025926
glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: ed75a05cd326da7ab45df8f813c9ee87e68b3633462ec01a5bd31ae362f9efce
glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: ff5a17869359c38652f645729e2051008f7df309dfdb9d4546c054bcee255d44
jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm SHA-256: ec0ab420f75d35afe8bceb08e1d9b0bb30604e5e298287b636bad43544c0467e
jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm SHA-256: 08b96c4df383a9e3c573cf86c8c99c1df211de30c7680bf7b6ddf1cf756bb87b
jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm SHA-256: 1a544b91854bfa11be223eadd456dc2aa468b8cb4ea66a9b1c4c2f6b826f6308
jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm SHA-256: eb9105b59fd99aecfd1333f5deb85a7bceadbc8a3b335d09f09cf4bd46f176b3
jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm SHA-256: 7f1e1215e1dc93f8a33384459f677882b9f43a20461e7eeac95240da6049dd1e
jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 07dc54d65863014bb2b0243bf0f190768cb73e3c30b24075f1f412ab5ebd6853
jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 8086eed8f36137ac5f481057e0bcd04d0bf57f2c9bccc2bb0fc3feb06f574061
javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 1e7af30426ec8abe97a466764f13ea870b51198b89ae774c1b61f4ac0cc3de72
javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: e740b18bb372f1986a598c5c04f0e7a2c985feca0d8178136870a6b838367cd5
pki-servlet-4.0-api-9.0.7-16.module+el8.2.0+22384+93cade87.1.noarch.rpm SHA-256: 312d009e5a510c4a97840ebcdfc9888a0d95ddb9bb4ef29f0df6bfca41e53dfd
pki-servlet-engine-9.0.7-16.module+el8.2.0+22384+93cade87.1.noarch.rpm SHA-256: baa1c9db556ea3eda872914a478df61c7bfa9202028ba088fbc36207bd32884a
python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm SHA-256: ca0fa12ad8c1c6931da5b67d2b85689244608021d7225c979c99476179e4a351
python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm SHA-256: c935d1b335fd1e997012840c5b6a4266f98a8d3f7787249d1e33d7dd89885050
python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm SHA-256: 1c608c8d2bd0112cae5ee7014691283b507158faee48874d25b484ca6a12b0cb
python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm SHA-256: e9f19ccf767699bc27c5828b2a96faaaa17917e88ce3dfc08e7ed1b92524791f
relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 4e60603734ace48b089ee5fa3bd1a9901ccf8b8629bf1b4d2cf26ee8679bbea9
resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm SHA-256: 1b58388c2b8dd824b16a57c13e7d329abc328aeb8910d661da744a76addf830c
slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: cc1be6c45e1d7ca928f1ea9c364ac4df081815b6aa8a387fe4446e7e5d692247
slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: f99f3a46b42e49d0cff136ee14e24bf860672bff91a86f11a32cb77b83755eb0
stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm SHA-256: b1f66a15afd3cd9a0a7dae91b1c444e21606f97f0de46eae1550e3ba589f063e
velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 9e0da98978f2f63fcec18fd782a216e08964fb793b5b603b0a741688a684cda9
xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 0a2694c77779180120ec2677e5be800100697ebe3c8936a98de856e4ee9bf9e7
xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: b1a1e0ebaf0648f6f29c236349bcbc53cbc541a94b8fdf62932721868e646096
xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: f3b74c7d7f096e2a503458ddcec76f07503454b51b5699c16d14268974c70e93
xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: f13cb197c25c7a746b7aedb57778e8e360356e15626333d2b6f545daea419ac3
xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm SHA-256: 4b575b0866cbd9ea424c17a4fb841162bd826795d96cce2d06e9d17523748173
xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm SHA-256: 95e07aabb2e7c76f7a71613a1e399b7f850b955439e54a1e4edff1e458f5fa3f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.