Описание
ELSA-2021-1384: nss security and bug fix update (MODERATE)
[3.53.1-7]
- Fix HSM load failure because of CKO_Profile
- Allow builds with strict-proto
[3.53.1-6]
- Update to CVE 2020-256423 TLS flood DOS attack patch.
[3.53.1-5]
- Fix CVE 2020-256423 TLS flood DOS Attack.
[3.53.1-4]
- Fix deadlock issue
- Fix 3 FTBS issues, 2 expired certs, one semantic change in nss-softokn.
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
nss
3.53.1-7.el7_9
nss-devel
3.53.1-7.el7_9
nss-pkcs11-devel
3.53.1-7.el7_9
nss-sysinit
3.53.1-7.el7_9
nss-tools
3.53.1-7.el7_9
Oracle Linux x86_64
nss
3.53.1-7.el7_9
nss-devel
3.53.1-7.el7_9
nss-pkcs11-devel
3.53.1-7.el7_9
nss-sysinit
3.53.1-7.el7_9
nss-tools
3.53.1-7.el7_9
Связанные CVE
Связанные уязвимости
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...
Moderate: nss and nspr security, bug fix, and enhancement update