SCIENTIFIC-LINUX-ERRATA Archives

August 2017

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Pat Riehecky
Date: Mon, 21 Aug 2017 15:43:28 -0000
Content-Type: text/plain

Synopsis:          Moderate: pki-core security update
Advisory ID:       SLSA-2017:2335-1
Issue Date:        2017-08-01
CVE Numbers:       CVE-2017-7537
--

Security Fix(es):

* It was found that a mock CMC authentication plugin with a hardcoded
secret was accidentally enabled by default in the pki-core package. An
attacker could potentially use this flaw to bypass the regular
authentication process and trick the CA server into issuing certificates.
(CVE-2017-7537)
--

SL7
  x86_64
    pki-core-debuginfo-10.4.1-11.el7.x86_64.rpm
    pki-symkey-10.4.1-11.el7.x86_64.rpm
    pki-tools-10.4.1-11.el7.x86_64.rpm
  noarch
    pki-base-10.4.1-11.el7.noarch.rpm
    pki-base-java-10.4.1-11.el7.noarch.rpm
    pki-ca-10.4.1-11.el7.noarch.rpm
    pki-javadoc-10.4.1-11.el7.noarch.rpm
    pki-kra-10.4.1-11.el7.noarch.rpm
    pki-server-10.4.1-11.el7.noarch.rpm

- Scientific Linux Development Team
