--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-24a0a2f24e
2019-10-26 17:17:38.272787
--------------------------------------------------------------------------------
Name : jss
Product : Fedora 31
Version : 4.6.2
Release : 1.fc31
URL :
http://www.dogtagpki.org/wiki/JSS
Summary : Java Security Services (JSS)
Description :
Java Security Services (JSS) is a java native interface which provides a bridge
for java-based applications to use native Network Security Services (NSS).
This only works with gcj. Other JREs require that JCE providers be signed.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2019-14823
--------------------------------------------------------------------------------
ChangeLog:
* Tue Oct 15 2019 Dogtag PKI Team <pki-devel(a)redhat.com> - 4.6.2-1
- Rebase to JSS 4.6.2
- Fixes CVE-2019-14823
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1747435 - CVE-2019-14823 JSS: OCSP policy "Leaf and Chain"
implicitly trusts the root certificate
https://bugzilla.redhat.com/show_bug.cgi?id=1747435
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-24a0a2f24e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------