First published: Tue Apr 28 2020(Updated: )
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.<br>Security Fix(es):<br><li> jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig (CVE-2019-14540)</li> <li> jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)</li> <li> jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* (CVE-2019-16942)</li> <li> jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource (CVE-2019-16943)</li> <li> jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* (CVE-2019-17531)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/apache-commons-collections | <3.2.2-10.module+el8.1.0+3366+6dfb954c | 3.2.2-10.module+el8.1.0+3366+6dfb954c |
redhat/apache-commons-lang | <2.6-21.module+el8.1.0+3366+6dfb954c | 2.6-21.module+el8.1.0+3366+6dfb954c |
redhat/bea-stax | <1.2.0-16.module+el8.1.0+3366+6dfb954c | 1.2.0-16.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-fastinfoset | <1.2.13-9.module+el8.1.0+3366+6dfb954c | 1.2.13-9.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-api | <2.2.12-8.module+el8.1.0+3366+6dfb954c | 2.2.12-8.module+el8.1.0+3366+6dfb954c |
redhat/jackson-annotations | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-core | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-databind | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-jaxrs-providers | <2.9.9-1.module+el8.1.0+3832+9784644d | 2.9.9-1.module+el8.1.0+3832+9784644d |
redhat/jackson-module-jaxb-annotations | <2.7.6-4.module+el8.1.0+3366+6dfb954c | 2.7.6-4.module+el8.1.0+3366+6dfb954c |
redhat/jakarta-commons-httpclient | <3.1-28.module+el8.1.0+3366+6dfb954c | 3.1-28.module+el8.1.0+3366+6dfb954c |
redhat/javassist | <3.18.1-8.module+el8.1.0+3366+6dfb954c | 3.18.1-8.module+el8.1.0+3366+6dfb954c |
redhat/pki-servlet-engine | <9.0.7-16.module+el8.1.0+3366+6dfb954c | 9.0.7-16.module+el8.1.0+3366+6dfb954c |
redhat/python-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/resteasy | <3.0.26-3.module+el8.1.0+3366+6dfb954c | 3.0.26-3.module+el8.1.0+3366+6dfb954c |
redhat/slf4j | <1.7.25-4.module+el8.1.0+3366+6dfb954c | 1.7.25-4.module+el8.1.0+3366+6dfb954c |
redhat/stax-ex | <1.7.7-8.module+el8.1.0+3366+6dfb954c | 1.7.7-8.module+el8.1.0+3366+6dfb954c |
redhat/velocity | <1.7-24.module+el8.1.0+3366+6dfb954c | 1.7-24.module+el8.1.0+3366+6dfb954c |
redhat/xalan-j2 | <2.7.1-38.module+el8.1.0+3366+6dfb954c | 2.7.1-38.module+el8.1.0+3366+6dfb954c |
redhat/xerces-j2 | <2.11.0-34.module+el8.1.0+3366+6dfb954c | 2.11.0-34.module+el8.1.0+3366+6dfb954c |
redhat/xml-commons-apis | <1.4.01-25.module+el8.1.0+3366+6dfb954c | 1.4.01-25.module+el8.1.0+3366+6dfb954c |
redhat/xml-commons-resolver | <1.2-26.module+el8.1.0+3366+6dfb954c | 1.2-26.module+el8.1.0+3366+6dfb954c |
redhat/xmlstreambuffer | <1.5.4-8.module+el8.1.0+3366+6dfb954c | 1.5.4-8.module+el8.1.0+3366+6dfb954c |
redhat/xsom | <0-19.20110809svn.module+el8.1.0+3366+6dfb954c | 0-19.20110809svn.module+el8.1.0+3366+6dfb954c |
redhat/jss | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/ldapjdk | <4.21.0-2.module+el8.2.0+4573+c3c38c7b | 4.21.0-2.module+el8.2.0+4573+c3c38c7b |
redhat/pki-core | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/tomcatjss | <7.4.1-2.module+el8.2.0+4573+c3c38c7b | 7.4.1-2.module+el8.2.0+4573+c3c38c7b |
redhat/apache-commons-collections | <3.2.2-10.module+el8.1.0+3366+6dfb954c | 3.2.2-10.module+el8.1.0+3366+6dfb954c |
redhat/apache-commons-lang | <2.6-21.module+el8.1.0+3366+6dfb954c | 2.6-21.module+el8.1.0+3366+6dfb954c |
redhat/bea-stax-api | <1.2.0-16.module+el8.1.0+3366+6dfb954c | 1.2.0-16.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-fastinfoset | <1.2.13-9.module+el8.1.0+3366+6dfb954c | 1.2.13-9.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-api | <2.2.12-8.module+el8.1.0+3366+6dfb954c | 2.2.12-8.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-core | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-runtime | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/glassfish-jaxb-txw2 | <2.2.11-11.module+el8.1.0+3366+6dfb954c | 2.2.11-11.module+el8.1.0+3366+6dfb954c |
redhat/jackson-annotations | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-core | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-databind | <2.10.0-1.module+el8.2.0+5059+3eb3af25 | 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
redhat/jackson-jaxrs-json-provider | <2.9.9-1.module+el8.1.0+3832+9784644d | 2.9.9-1.module+el8.1.0+3832+9784644d |
redhat/jackson-jaxrs-providers | <2.9.9-1.module+el8.1.0+3832+9784644d | 2.9.9-1.module+el8.1.0+3832+9784644d |
redhat/jackson-module-jaxb-annotations | <2.7.6-4.module+el8.1.0+3366+6dfb954c | 2.7.6-4.module+el8.1.0+3366+6dfb954c |
redhat/jakarta-commons-httpclient | <3.1-28.module+el8.1.0+3366+6dfb954c | 3.1-28.module+el8.1.0+3366+6dfb954c |
redhat/javassist | <3.18.1-8.module+el8.1.0+3366+6dfb954c | 3.18.1-8.module+el8.1.0+3366+6dfb954c |
redhat/javassist-javadoc | <3.18.1-8.module+el8.1.0+3366+6dfb954c | 3.18.1-8.module+el8.1.0+3366+6dfb954c |
redhat/pki-servlet | <4.0-api-9.0.7-16.module+el8.1.0+3366+6dfb954c | 4.0-api-9.0.7-16.module+el8.1.0+3366+6dfb954c |
redhat/pki-servlet-engine | <9.0.7-16.module+el8.1.0+3366+6dfb954c | 9.0.7-16.module+el8.1.0+3366+6dfb954c |
redhat/resteasy | <3.0.26-3.module+el8.1.0+3366+6dfb954c | 3.0.26-3.module+el8.1.0+3366+6dfb954c |
redhat/slf4j | <1.7.25-4.module+el8.1.0+3366+6dfb954c | 1.7.25-4.module+el8.1.0+3366+6dfb954c |
redhat/slf4j-jdk14 | <1.7.25-4.module+el8.1.0+3366+6dfb954c | 1.7.25-4.module+el8.1.0+3366+6dfb954c |
redhat/stax-ex | <1.7.7-8.module+el8.1.0+3366+6dfb954c | 1.7.7-8.module+el8.1.0+3366+6dfb954c |
redhat/velocity | <1.7-24.module+el8.1.0+3366+6dfb954c | 1.7-24.module+el8.1.0+3366+6dfb954c |
redhat/xalan-j2 | <2.7.1-38.module+el8.1.0+3366+6dfb954c | 2.7.1-38.module+el8.1.0+3366+6dfb954c |
redhat/xerces-j2 | <2.11.0-34.module+el8.1.0+3366+6dfb954c | 2.11.0-34.module+el8.1.0+3366+6dfb954c |
redhat/xml-commons-apis | <1.4.01-25.module+el8.1.0+3366+6dfb954c | 1.4.01-25.module+el8.1.0+3366+6dfb954c |
redhat/xml-commons-resolver | <1.2-26.module+el8.1.0+3366+6dfb954c | 1.2-26.module+el8.1.0+3366+6dfb954c |
redhat/xmlstreambuffer | <1.5.4-8.module+el8.1.0+3366+6dfb954c | 1.5.4-8.module+el8.1.0+3366+6dfb954c |
redhat/xsom | <0-19.20110809svn.module+el8.1.0+3366+6dfb954c | 0-19.20110809svn.module+el8.1.0+3366+6dfb954c |
redhat/ldapjdk | <4.21.0-2.module+el8.2.0+4573+c3c38c7b | 4.21.0-2.module+el8.2.0+4573+c3c38c7b |
redhat/ldapjdk-javadoc | <4.21.0-2.module+el8.2.0+4573+c3c38c7b | 4.21.0-2.module+el8.2.0+4573+c3c38c7b |
redhat/pki-base | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-base-java | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-ca | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-kra | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-server | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/python3-pki | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/tomcatjss | <7.4.1-2.module+el8.2.0+4573+c3c38c7b | 7.4.1-2.module+el8.2.0+4573+c3c38c7b |
redhat/jss | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-debuginfo | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-debugsource | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-javadoc | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/pki-core-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-core-debugsource | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-symkey | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-symkey-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-tools | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-tools-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python-nss-doc | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python-nss-doc | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/jss-debuginfo | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-debugsource | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-javadoc | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/pki-core-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-core-debugsource | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-symkey | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-symkey-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-tools | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-tools-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/jss | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-debuginfo | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-debugsource | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/jss-javadoc | <4.6.2-4.module+el8.2.0+6123+b4678599 | 4.6.2-4.module+el8.2.0+6123+b4678599 |
redhat/pki-core-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-core-debugsource | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-symkey | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-symkey-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-tools | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/pki-tools-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a | 10.8.3-1.module+el8.2.0+5925+bad5981a |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python-nss-doc | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.1.0+3366+6dfb954c | 1.0.1-10.module+el8.1.0+3366+6dfb954c |
redhat/jss | <4.6.2-4.module+el8.2.0+6123+b4678599.aa | 4.6.2-4.module+el8.2.0+6123+b4678599.aa |
redhat/jss-debuginfo | <4.6.2-4.module+el8.2.0+6123+b4678599.aa | 4.6.2-4.module+el8.2.0+6123+b4678599.aa |
redhat/jss-debugsource | <4.6.2-4.module+el8.2.0+6123+b4678599.aa | 4.6.2-4.module+el8.2.0+6123+b4678599.aa |
redhat/jss-javadoc | <4.6.2-4.module+el8.2.0+6123+b4678599.aa | 4.6.2-4.module+el8.2.0+6123+b4678599.aa |
redhat/pki-core-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a.aa | 10.8.3-1.module+el8.2.0+5925+bad5981a.aa |
redhat/pki-core-debugsource | <10.8.3-1.module+el8.2.0+5925+bad5981a.aa | 10.8.3-1.module+el8.2.0+5925+bad5981a.aa |
redhat/pki-symkey | <10.8.3-1.module+el8.2.0+5925+bad5981a.aa | 10.8.3-1.module+el8.2.0+5925+bad5981a.aa |
redhat/pki-symkey-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a.aa | 10.8.3-1.module+el8.2.0+5925+bad5981a.aa |
redhat/pki-tools | <10.8.3-1.module+el8.2.0+5925+bad5981a.aa | 10.8.3-1.module+el8.2.0+5925+bad5981a.aa |
redhat/pki-tools-debuginfo | <10.8.3-1.module+el8.2.0+5925+bad5981a.aa | 10.8.3-1.module+el8.2.0+5925+bad5981a.aa |
redhat/python-nss-debugsource | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
redhat/python-nss-doc | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
redhat/python3-nss | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
redhat/python3-nss-debuginfo | <1.0.1-10.module+el8.1.0+3366+6dfb954c.aa | 1.0.1-10.module+el8.1.0+3366+6dfb954c.aa |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.