Issued:: 2025-03-06
Updated:: 2025-03-06

RHSA-2025:2426 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: pki-core security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.

Security Fix(es):

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 7.7 x86_64

Fixes

BZ - 1850004 - CVE-2020-11023 jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

CVEs

CVE-2020-11023

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
pki-core-10.5.16-8.el7_7.src.rpm	SHA-256: cb8e2cd2add7c8709f8deebbd47ba3ad8541e244bf615fb96e58f5ef9c2ec6b4
x86_64
pki-base-10.5.16-8.el7_7.noarch.rpm	SHA-256: 7d70cc0959c45e00363981d8259dd184f7664a53c7ad279cd9e78045b36ca5be
pki-base-java-10.5.16-8.el7_7.noarch.rpm	SHA-256: 3b398c630ee2330b42c718a07ba95baa1d323412ecb0b2f9e9fc4354c633f2e2
pki-ca-10.5.16-8.el7_7.noarch.rpm	SHA-256: 80b0cc15bbf5295a2ee5b5e04bcabddd9891fff6b5ba03e18eb3cbc1d495c928
pki-core-debuginfo-10.5.16-8.el7_7.x86_64.rpm	SHA-256: 90c1117bec503671629dc79f890abaa11d869e70fb8823ea1b549268d5cde4b7
pki-javadoc-10.5.16-8.el7_7.noarch.rpm	SHA-256: 8ac27649a113f8004b5ef5e9ac991f8e54762efdab27ca3f5cad37444071c86d
pki-kra-10.5.16-8.el7_7.noarch.rpm	SHA-256: e124985123dbd8890776cb465f845fa2eb8af935bd0b17aa7a52a057f2151fc3
pki-server-10.5.16-8.el7_7.noarch.rpm	SHA-256: 8b23c88f2a488815ce0c98fafa871f54e40cd0eb4997742843f045c1604b5301
pki-symkey-10.5.16-8.el7_7.x86_64.rpm	SHA-256: b7547d6ec5f3a76469087504c80a2e58f799e467591a42df19f9fe50a978bd32
pki-tools-10.5.16-8.el7_7.x86_64.rpm	SHA-256: bfcc0feaf99c39a439bf595d75c5311aec046ad944c02f90138a08197108ede2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation