PT-2022-3819 · Mozilla +9 · Thunderbird +9

Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 91.8 Description: The issue is related to errors when updating the OpenPGP digital signature, which can allow a remote attacker to perform a spoofing attack. Specifically, when importing a revoked key that...

MGASA-2015-0412 Updated java-1.8.0-openjdk packages fix security vulnerabilities

Updated java-1.8.0-openjdk packages fix security vulnerabilities: Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions CVE-2015-4835,...

ipa: servers do not publish correct CRLs

The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation Lists CRLs to be used and might allow remote...

rhcs CRL can get corrupted

Certificate Server 7.2 in Red Hat Certificate System RHCS does not properly handle new revocations that occur while a Certificate Revocation List CRL is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to...