Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Warning: Undefined array key "Description" in /var/www/www.linuxsecurity.com-443/html/lsadvisories/lsadvisories.php on line 220

Fedora 29: JSS Security Update FEDORA-2019-4d33c62860 Critical OCSP Policy

fedora
Calendar Grey October 25, 2019
Dist Fedora Esm H88
Critical patch for JSS on Fedora addressing CVE-2019-14823. Update is immediately accessible for deployment.
Security fix for CVE-2019-14823

Summary

Java Security Services (JSS) is a java native interface which provides a bridge

for java-based applications to use native Network Security Services (NSS).

This only works with gcj. Other JREs require that JCE providers be signed.

Security fix for CVE-2019-14823

* Tue Oct 15 2019 Dogtag PKI Team - 4.6.2-1

- Rebase to JSS 4.6.2

- Fixes CVE-2019-14823

* Thu Aug 8 2019 Dogtag PKI Team - 4.6.1-2

- Disable unnecessary tests to fix broken s390x

* Thu Aug 8 2019 Dogtag PKI Team - 4.6.1-1

- Rebase to JSS 4.6.1

* Mon May 6 2019 Dogtag PKI Team - 4.5.3-2

- Add AIA OCSP certificate checking patch

* Tue Mar 19 2019 Dogtag PKI Team - 4.5.3-1

- Rebase to JSS 4.5.3

* Fri Feb 1 2019 Dogtag PKI Team - 4.5.2-3

- Include nuxwdog patch for netscape.security.util.Utils from PKI

* Mon Jan 14 2019 Dogtag PKI Team 4.5.2-1

- Rebased to JSS 4.5.2

* Thu Nov 29 2018 Dogtag PKI Team 4.5.1-1

- Rebased to JSS 4.5.1

- Red Hat Bugzilla #1582323 - DER encoding error for enumerated types with a value of zero

- Red Hat Bugzilla #1534765 - javadoc for org.mozilla.jss.pkix.cms.SignedData.getSignerInfos() is incorrect

[ 1 ] Bug #1747435 - CVE-2019-14823 JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate

https://bugzilla.redhat.com/show_bug.cgi?id=1747435

su -c 'dnf upgrade --advisory FEDORA-2019-4d33c62860' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory critical Fedora Java jss OCSP policy

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 29
Version: 4.6.2
Release: 1.fc29
URL: https://www.dogtagpki.org/wiki/JSS
Summary: Java Security Services (JSS)

Topics%20covered

Topics Covered

security advisory critical Fedora Java jss OCSP policy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here