Oracle Linux: (CVE-2021-4213) ELSA-2022-1851: pki-core:10.6 security and bug fix update

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From ELSA-2022-1851:

jss [4.9.3-1] - Rebase to JSS 4.9.3 - Bug 2046022 - CVE-2021-4213 pki-core:10.6/jss: memory leak in TLS connection leads to OOM [rhel-8] [4.9.2-1] - Rebase to JSS 4.9.2 ldapjdk [4.23.0-1] - Rebase to LDAP SDK 4.23.0 [4.23.0-0.1] - Rebase to LDAP SDK 4.23.0-alpha1 pki-core [10.12.0-2.0.1] - Remove upstream reference. [10.12.0-2] - Bug 2027470 - pki-healthcheck ClonesConnectivyAndDataCheck fails [10.12.0-0.1] - Rebase to PKI 10.12.0 - Bug 1904112 - pki fails to start if empty dir /var/lib/pki/pki-tomcat/kra exists - Bug 1984455 - [RFE] Date Format on the TPS Agent Page - Bug 1980378 - 'keyctl_search: Required key not available' message when running 'ipa-healthcheck' - Bug 2004084 - Reinstall of the same ipa-replica fails with 'RuntimeError: CA configuration failed.' - Bug 2006070 - Upgrades incorrectly add secret attribute to connectors