[El-errata] ELSA-2019-1529 Important: Oracle Linux 8 pki-deps:10.6 security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Aug 1 07:02:38 PDT 2019


Oracle Linux Security Advisory ELSA-2019-1529

http://linux.oracle.com/errata/ELSA-2019-1529.html

The following updated rpms for Oracle Linux 8 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
apache-commons-collections-3.2.2-10.module+el8.0.0+5231+3e842911.noarch.rpm
apache-commons-lang-2.6-21.module+el8.0.0+5231+3e842911.noarch.rpm
bea-stax-api-1.2.0-16.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-fastinfoset-1.2.13-9.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-api-2.2.12-8.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-core-2.2.11-11.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-runtime-2.2.11-11.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-txw2-2.2.11-11.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-annotations-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-core-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-databind-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-jaxrs-json-provider-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-jaxrs-providers-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-module-jaxb-annotations-2.7.6-4.module+el8.0.0+5231+3e842911.noarch.rpm
jakarta-commons-httpclient-3.1-28.module+el8.0.0+5231+3e842911.noarch.rpm
javassist-3.18.1-8.module+el8.0.0+5231+3e842911.noarch.rpm
javassist-javadoc-3.18.1-8.module+el8.0.0+5231+3e842911.noarch.rpm
pki-servlet-4.0-api-9.0.7-14.module+el8.0.0+5231+3e842911.noarch.rpm
pki-servlet-container-9.0.7-14.module+el8.0.0+5231+3e842911.noarch.rpm
python-nss-doc-1.0.1-10.module+el8.0.0+5231+3e842911.x86_64.rpm
python3-nss-1.0.1-10.module+el8.0.0+5231+3e842911.x86_64.rpm
relaxngDatatype-2011.1-7.module+el8.0.0+5231+3e842911.noarch.rpm
resteasy-3.0.26-3.module+el8.0.0+5231+3e842911.noarch.rpm
slf4j-1.7.25-4.module+el8.0.0+5231+3e842911.noarch.rpm
slf4j-jdk14-1.7.25-4.module+el8.0.0+5231+3e842911.noarch.rpm
stax-ex-1.7.7-8.module+el8.0.0+5231+3e842911.noarch.rpm
velocity-1.7-24.module+el8.0.0+5231+3e842911.noarch.rpm
xalan-j2-2.7.1-38.module+el8.0.0+5231+3e842911.noarch.rpm
xerces-j2-2.11.0-34.module+el8.0.0+5231+3e842911.noarch.rpm
xml-commons-apis-1.4.01-25.module+el8.0.0+5231+3e842911.noarch.rpm
xml-commons-resolver-1.2-26.module+el8.0.0+5231+3e842911.noarch.rpm
xmlstreambuffer-1.5.4-8.module+el8.0.0+5231+3e842911.noarch.rpm
xsom-0-19.20110809svn.module+el8.0.0+5231+3e842911.noarch.rpm

aarch64:
apache-commons-collections-3.2.2-10.module+el8.0.0+5231+3e842911.noarch.rpm
apache-commons-lang-2.6-21.module+el8.0.0+5231+3e842911.noarch.rpm
bea-stax-api-1.2.0-16.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-fastinfoset-1.2.13-9.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-api-2.2.12-8.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-core-2.2.11-11.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-runtime-2.2.11-11.module+el8.0.0+5231+3e842911.noarch.rpm
glassfish-jaxb-txw2-2.2.11-11.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-annotations-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-core-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-databind-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-jaxrs-json-provider-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-jaxrs-providers-2.9.8-1.module+el8.0.0+5231+3e842911.noarch.rpm
jackson-module-jaxb-annotations-2.7.6-4.module+el8.0.0+5231+3e842911.noarch.rpm
jakarta-commons-httpclient-3.1-28.module+el8.0.0+5231+3e842911.noarch.rpm
javassist-3.18.1-8.module+el8.0.0+5231+3e842911.noarch.rpm
javassist-javadoc-3.18.1-8.module+el8.0.0+5231+3e842911.noarch.rpm
pki-servlet-4.0-api-9.0.7-14.module+el8.0.0+5231+3e842911.noarch.rpm
pki-servlet-container-9.0.7-14.module+el8.0.0+5231+3e842911.noarch.rpm
python-nss-doc-1.0.1-10.module+el8.0.0+5231+3e842911.aarch64.rpm
python3-nss-1.0.1-10.module+el8.0.0+5231+3e842911.aarch64.rpm
relaxngDatatype-2011.1-7.module+el8.0.0+5231+3e842911.noarch.rpm
resteasy-3.0.26-3.module+el8.0.0+5231+3e842911.noarch.rpm
slf4j-1.7.25-4.module+el8.0.0+5231+3e842911.noarch.rpm
slf4j-jdk14-1.7.25-4.module+el8.0.0+5231+3e842911.noarch.rpm
stax-ex-1.7.7-8.module+el8.0.0+5231+3e842911.noarch.rpm
velocity-1.7-24.module+el8.0.0+5231+3e842911.noarch.rpm
xalan-j2-2.7.1-38.module+el8.0.0+5231+3e842911.noarch.rpm
xerces-j2-2.11.0-34.module+el8.0.0+5231+3e842911.noarch.rpm
xml-commons-apis-1.4.01-25.module+el8.0.0+5231+3e842911.noarch.rpm
xml-commons-resolver-1.2-26.module+el8.0.0+5231+3e842911.noarch.rpm
xmlstreambuffer-1.5.4-8.module+el8.0.0+5231+3e842911.noarch.rpm
xsom-0-19.20110809svn.module+el8.0.0+5231+3e842911.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/apache-commons-collections-3.2.2-10.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/apache-commons-lang-2.6-21.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/bea-stax-1.2.0-16.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/glassfish-fastinfoset-1.2.13-9.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/glassfish-jaxb-2.2.11-11.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/glassfish-jaxb-api-2.2.12-8.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/jackson-annotations-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/jackson-core-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/jackson-databind-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/jackson-jaxrs-providers-2.9.8-1.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/jackson-module-jaxb-annotations-2.7.6-4.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/jakarta-commons-httpclient-3.1-28.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/javassist-3.18.1-8.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/pki-servlet-container-9.0.7-14.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-nss-1.0.1-10.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/relaxngDatatype-2011.1-7.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/resteasy-3.0.26-3.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/slf4j-1.7.25-4.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/stax-ex-1.7.7-8.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/velocity-1.7-24.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/xalan-j2-2.7.1-38.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/xerces-j2-2.11.0-34.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/xml-commons-apis-1.4.01-25.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/xml-commons-resolver-1.2-26.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/xmlstreambuffer-1.5.4-8.module+el8.0.0+5231+3e842911.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/xsom-0-19.20110809svn.module+el8.0.0+5231+3e842911.src.rpm



Description of changes:

apache-commons-collections
[3.2.2-10]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[3.2.2-9]
- Remove workaround for symlink->directory rpm bug

jackson-bom
[2.9.8-1]
- Update to latest upstream release

[2.9.4-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[2.9.4-1]
- Update to latest upstream release

[2.9.3-1]
- Initial packaging

pki-servlet-container
[1:9.0.7-14]
- Update to JWS 5.0.2 distribution
- Resolves: rhbz#1658846 CVE-2018-8034 pki-servlet-container: tomcat: 
host name verification missing in WebSocket client
- Resolves: rhbz#1579614 CVE-2018-8014 pki-servlet-container: tomcat: 
Insecure defaults in CORS filter enable 'supportsCredentials' for all 
origins
- Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: 
Due to a mishandling of close in NIO/NIO2 connectors user sessions can 
get mixed up
- Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: 
Open redirect in default servlet

velocity
[0:1.7-24]
- Repack the tarball without binaries

[0:1.7-23]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

xerces-j2
[2.11.0-34]
- Fix license tag to include W3C

[2.11.0-33]
- Add requirement on javapackages-tools since scripts use
java-functions.

[2.11.0-32]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

xml-commons-resolver
[0:1.2-26]
- Add requirement on javapackages-tools since scripts use
java-functions.

[0:1.2-25]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild





More information about the El-errata mailing list