Format: 1.8 Date: Tue, 09 Nov 2021 22:52:36 +0000 Source: dogtag-pki Architecture: source Version: 10.8.3-1ubuntu1.2~test1 Distribution: focal-security Urgency: medium Maintainer: Ubuntu Developers Changed-By: Paulo Flabiano Smorigo Changes: dogtag-pki (10.8.3-1ubuntu1.2~test1) focal-security; urgency=medium . * SECURITY UPDATE: Incorrect Authorization - debian/patches/CVE-2021-20179.patch: Fix renewal profile approval process. - CVE-2021-20179 * SECURITY UPDATE: Cross-site Scripting - debian/patches/CVE-2019-10146.patch: Fix XSS in PathLength attribute in CA agent web page. - debian/patches/CVE-2019-10221.patch: Fix reflected XSS attack when hitting getCookie endpoint. - debian/patches/CVE-2020-25715.patch: Resolve XSS in ca queryCert pagination. - debian/patches/CVE-2020-1721.patch: Address CVE-2020-1721. - CVE-2020-25715 - CVE-2019-10146 - CVE-2019-10221 - CVE-2020-1721 * SECURITY UPDATE: Sensitive Information Disclosure - debian/patches/CVE-2021-3551_1.patch: Fix permission for existing installation logs. - debian/patches/CVE-2021-3551_2.patch: Fix permission for new installation logs. - CVE-2021-3551 Checksums-Sha1: 9ed01fc6e0009b378a1a5757a17e34c8fbde5d59 3951 dogtag-pki_10.8.3-1ubuntu1.2~test1.dsc e39c8dcdf78332c8f82cedc7186aa56772da02c4 37748 dogtag-pki_10.8.3-1ubuntu1.2~test1.debian.tar.xz d4170333e693aed4f524766530990f584a482393 18837 dogtag-pki_10.8.3-1ubuntu1.2~test1_source.buildinfo Checksums-Sha256: 52cd5719b1ab955c9d20932fdd7b1e61bf10f9e6eddf35e86a2e8fc28861a592 3951 dogtag-pki_10.8.3-1ubuntu1.2~test1.dsc 167c93c1bff34eab9384ecfe8e9f047ce9ef8b292a91a28a7f91c6359f107a0c 37748 dogtag-pki_10.8.3-1ubuntu1.2~test1.debian.tar.xz 8bc56291406e0e6923a67855144bbfabb629f4e5b41d70eeb9b50abdb655625c 18837 dogtag-pki_10.8.3-1ubuntu1.2~test1_source.buildinfo Files: 8e18918f1863ac13e2be12680ba80e0f 3951 java optional dogtag-pki_10.8.3-1ubuntu1.2~test1.dsc 5e83f6bd4922cb96cdc01d969f95e8a9 37748 java optional dogtag-pki_10.8.3-1ubuntu1.2~test1.debian.tar.xz 06d383646ca71eae156eebf836caeeaf 18837 java optional dogtag-pki_10.8.3-1ubuntu1.2~test1_source.buildinfo Original-Maintainer: Debian FreeIPA Team