An idm:DL1 and idm:client security, bug fix, and enhancement update has been released for Red Hat Enterprise Linux 8.
RHSA-2020:4670-01: Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4670-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4670
Issue date: 2020-11-03
CVE Names: CVE-2015-9251 CVE-2016-10735 CVE-2018-14040
CVE-2018-14042 CVE-2018-20676 CVE-2018-20677
CVE-2019-8331 CVE-2019-11358 CVE-2020-1722
CVE-2020-11022
=====================================================================
1. Summary:
An update for the idm:DL1 and idm:client modules is now available for Red
Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
Red Hat Identity Management (IdM) is a centralized authentication, identity
management, and authorization solution for both traditional and cloud-based
enterprise environments.
The following packages have been upgraded to a later upstream version: ipa
(4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765,
BZ#1818877)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests
(CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent
attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property
(CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* js-jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter
method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service
(CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed ( https://bugzilla.redhat.com/):
1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests
1430365 - [RFE] Host-group names command rename
1488732 - fake_mname in named.conf is no longer effective
1585020 - Enable compat tree to provide information about AD users and groups on trust agents
1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip
1651577 - [WebUI] IPA Error 3007: RequirmentError" while adding members in "User ID overrides" tab
1668082 - CVE-2018-20676 bootstrap: XSS in the tooltip data-viewport attribute
1668089 - CVE-2018-20677 bootstrap: XSS in the affix configuration target property
1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute
1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute
1701233 - [RFE] support setting supported signature methods on the token
1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
1746830 - Memory leak during search of idview overrides
1750893 - Memory leak when slapi-nis return entries retrieved from nsswitch
1751295 - When sync-repl is enabled, slapi-nis can deadlock during retrochanglog trimming
1757045 - IDM Web GUI / IPA web UI: the ID override operation doesn't work in GUI (it works only from CLI)
1759888 - Rebase OpenDNSSEC to 2.1
1768156 - ERR - schemacompat - map rdlock: old way MAP_MONITOR_DISABLED
1777806 - When Service weight is set as 0 for server in IPA location "IPA Error 903: InternalError" is displayed
1793071 - CVE-2020-1722 ipa: No password length restriction leads to denial of service
1801698 - [RFE] Changing default hostgroup is too easy
1802471 - SELinux policy for ipa-custodia
1809835 - RFE: ipa group-add-member: number of failed should also be emphasized
1810154 - RFE: ipa-backup should compare locally and globally installed server roles
1810179 - ipa-client-install should name authselect backups and restore to that at uninstall time
1813330 - ipa-restore does not restart httpd
1816784 - KRA install fails if all KRA members are Hidden Replicas
1818765 - [Rebase] Rebase ipa to 4.8.6+
1818877 - [Rebase] Rebase to softhsm 2.6.0+
1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
1831732 - AVC avc: denied { dac_override } for comm="ods-enforcerd
1831935 - AD authentication with IdM against SQL Server
1832331 - [abrt] [faf] 389-ds-base: unknown function(): /usr/sbin/ns-slapd killed by 11
1833266 - [dirsrv] set 'nsslapd-enable-upgrade-hash: off' as this raises warnings
1834264 - BIND rebase: rebuild against new so version
1834909 - softhsm use-after-free on process exit
1845211 - Rebase bind-dyndb-ldap to 11.3
1845537 - IPA bind configuration issue
1845596 - ipa trust-add fails with 'Fetching domains from trusted forest failed'
1846352 - cannot issue certs with multiple IP addresses corresponding to different hosts
1846434 - Remove ipa-idoverride-memberof as superceded by ipa-server 4.8.7
1847999 - EPN does not ship its default configuration ( /etc/ipa/epn.conf ) in freeipa-client-epn
1849914 - FreeIPA - Utilize 256-bit AJP connector passwords
1851411 - ipa: typo issue in ipanthomedirectoryrive deffinition
1852244 - ipa-healthcheck inadvertently obsoleted in RHEL 8.2
1853263 - ipa-selinux package missing
1857157 - replica install failing with avc denial for custodia component
1858318 - AttributeError: module 'ssl' has no attribute 'SSLCertVerificationError' when upgrading ca-less ipa master
1859213 - AVC denial during ipa-adtrust-install --add-agents
1863079 - ipa-epn command displays 'exception: ConnectionRefusedError: [Errno 111] Connection refused'
1863616 - CA-less install does not set required permissions on KDC certificate
1866291 - EPN: enhance input validation
1866938 - ipa-epn fails to retrieve user data if some user attributes are not present
1868432 - Unhandled Python exception in '/usr/libexec/ipa/ipa-pki-retrieve-key'
1869311 - ipa trust-add fails with 'Fetching domains from trusted forest failed'
1870202 - File permissions of /etc/ipa/ca.crt differ between CA-ful and CA-less
1874015 - ipa hbacrule-add-service --hbacsvcs=sshd is not applied successfully for subdomain
1875348 - Valgrind reports a memory leak in the Schema Compatibility plugin.
1879604 - pkispawn logs files are empty
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm
custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm
ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm
ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm
ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm
ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm
python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm
python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm
python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm
python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm
pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm
aarch64:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm
noarch:
custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm
ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm
ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm
ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm
ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm
python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm
python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm
python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm
python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm
python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm
python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm
python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm
python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm
python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm
python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm
ppc64le:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm
s390x:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm
x86_64:
bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm
bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm
bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm
ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm
opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm
opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm
opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm
slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm
slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm
slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm
softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2015-9251
https://access.redhat.com/security/cve/CVE-2016-10735
https://access.redhat.com/security/cve/CVE-2018-14040
https://access.redhat.com/security/cve/CVE-2018-14042
https://access.redhat.com/security/cve/CVE-2018-20676
https://access.redhat.com/security/cve/CVE-2018-20677
https://access.redhat.com/security/cve/CVE-2019-8331
https://access.redhat.com/security/cve/CVE-2019-11358
https://access.redhat.com/security/cve/CVE-2020-1722
https://access.redhat.com/security/cve/CVE-2020-11022
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.