Описание
ELSA-2023-1368: nss security and bug fix update (IMPORTANT)
[3.79.0-17]
- fix consistency return errors. We shouldn't lock the FIPS token if the application asked for invalid DH parameters on on keygen.
[3.79.0-16]
- Add check for RSA PSS Salt required by FIPS
- Update fips_algorithms.sh according to the review.
[3.79.0-15]
- Fix CVE-2023-0767
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
nspr
4.34.0-17.el9_1
nspr-devel
4.34.0-17.el9_1
nss
3.79.0-17.el9_1
nss-devel
3.79.0-17.el9_1
nss-softokn
3.79.0-17.el9_1
nss-softokn-devel
3.79.0-17.el9_1
nss-softokn-freebl
3.79.0-17.el9_1
nss-softokn-freebl-devel
3.79.0-17.el9_1
nss-sysinit
3.79.0-17.el9_1
nss-tools
3.79.0-17.el9_1
nss-util
3.79.0-17.el9_1
nss-util-devel
3.79.0-17.el9_1
Oracle Linux x86_64
nspr
4.34.0-17.el9_1
nspr-devel
4.34.0-17.el9_1
nss
3.79.0-17.el9_1
nss-devel
3.79.0-17.el9_1
nss-softokn
3.79.0-17.el9_1
nss-softokn-devel
3.79.0-17.el9_1
nss-softokn-freebl
3.79.0-17.el9_1
nss-softokn-freebl-devel
3.79.0-17.el9_1
nss-sysinit
3.79.0-17.el9_1
nss-tools
3.79.0-17.el9_1
nss-util
3.79.0-17.el9_1
nss-util-devel
3.79.0-17.el9_1
Связанные CVE
Связанные уязвимости
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
An attacker could construct a PKCS 12 cert bundle in such a way that c ...
