A pki-core security update has been released for Oracle Linux 9.

El-errata: ELSA-2022-7326 Important: Oracle Linux 9 pki-core security update

Oracle Linux Security Advisory ELSA-2022-7326

  http://linux.oracle.com/errata/ELSA-2022-7326.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
pki-acme-11.0.6-2.0.1.el9_0.noarch.rpm
pki-base-11.0.6-2.0.1.el9_0.noarch.rpm
pki-base-java-11.0.6-2.0.1.el9_0.noarch.rpm
pki-ca-11.0.6-2.0.1.el9_0.noarch.rpm
pki-kra-11.0.6-2.0.1.el9_0.noarch.rpm
pki-server-11.0.6-2.0.1.el9_0.noarch.rpm
pki-symkey-11.0.6-2.0.1.el9_0.x86_64.rpm
pki-tools-11.0.6-2.0.1.el9_0.x86_64.rpm
python3-pki-11.0.6-2.0.1.el9_0.noarch.rpm

aarch64:
pki-acme-11.0.6-2.0.1.el9_0.noarch.rpm
pki-base-11.0.6-2.0.1.el9_0.noarch.rpm
pki-base-java-11.0.6-2.0.1.el9_0.noarch.rpm
pki-ca-11.0.6-2.0.1.el9_0.noarch.rpm
pki-kra-11.0.6-2.0.1.el9_0.noarch.rpm
pki-server-11.0.6-2.0.1.el9_0.noarch.rpm
pki-symkey-11.0.6-2.0.1.el9_0.aarch64.rpm
pki-tools-11.0.6-2.0.1.el9_0.aarch64.rpm
python3-pki-11.0.6-2.0.1.el9_0.noarch.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates/pki-core-11.0.6-2.0.1.el9_0.src.rpm

Related CVEs:

CVE-2022-2414



Description of changes:

[11.0.6-1.0.1]
- Replaced upstream graphical references [Orabug: 33952704]

[11.0.6-1]
- Bug #2107335 - CVE-2022-2414 pki-core: access to external entities when parsing XML can lead to XXE [rhel-9.0.0.z]

_______________________________________________