SUSE-SU-2022:1113-1

Опубликовано: 05 апр. 2022

Источник: suse-cvrf

Описание

Security update for mozilla-nss

This update for mozilla-nss fixes the following issues:

Mozilla NSS 3.68.3 (bsc#1197903):

CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use.

Список пакетов

HPE Helion OpenStack 8

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

Image SLES12-SP4-Azure-BYOS

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP4-SAP-Azure-BYOS

libfreebl3-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

libfreebl3-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

libfreebl3-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-Azure-BYOS

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-Azure-Basic-On-Demand

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-Azure-HPC-BYOS

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-Azure-HPC-On-Demand

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-Azure-SAP-BYOS

libfreebl3-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-Azure-SAP-On-Demand

libfreebl3-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-Azure-Standard-On-Demand

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-EC2-BYOS

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-EC2-ECS-On-Demand

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-EC2-On-Demand

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-EC2-SAP-BYOS

libfreebl3-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-EC2-SAP-On-Demand

libfreebl3-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

Image SLES12-SP5-GCE-BYOS

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Server 12 SP3-BCL

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Server 12 SP3-LTSS

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Server 12 SP4-LTSS

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Server 12 SP5

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Server for SAP Applications 12 SP3

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE Linux Enterprise Software Development Kit 12 SP5

mozilla-nss-devel-3.68.3-58.69.1

SUSE OpenStack Cloud 8

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE OpenStack Cloud 9

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE OpenStack Cloud Crowbar 8

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

SUSE OpenStack Cloud Crowbar 9

libfreebl3-3.68.3-58.69.1

libfreebl3-32bit-3.68.3-58.69.1

libfreebl3-hmac-3.68.3-58.69.1

libfreebl3-hmac-32bit-3.68.3-58.69.1

libsoftokn3-3.68.3-58.69.1

libsoftokn3-32bit-3.68.3-58.69.1

libsoftokn3-hmac-3.68.3-58.69.1

libsoftokn3-hmac-32bit-3.68.3-58.69.1

mozilla-nss-3.68.3-58.69.1

mozilla-nss-32bit-3.68.3-58.69.1

mozilla-nss-certs-3.68.3-58.69.1

mozilla-nss-certs-32bit-3.68.3-58.69.1

mozilla-nss-devel-3.68.3-58.69.1

mozilla-nss-sysinit-3.68.3-58.69.1

mozilla-nss-sysinit-32bit-3.68.3-58.69.1

mozilla-nss-tools-3.68.3-58.69.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20221113-1/
Link for SUSE-SU-2022:1113-1
https://lists.suse.com/pipermail/sle-security-updates/2022-April/010659.html
E-Mail link for SUSE-SU-2022:1113-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1197903
SUSE Bug 1197903
https://www.suse.com/security/cve/CVE-2022-1097/
SUSE CVE CVE-2022-1097 page

Описание

<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.

Затронутые продукты

HPE Helion OpenStack 8:libfreebl3-3.68.3-58.69.1

HPE Helion OpenStack 8:libfreebl3-32bit-3.68.3-58.69.1

HPE Helion OpenStack 8:libfreebl3-hmac-3.68.3-58.69.1

HPE Helion OpenStack 8:libfreebl3-hmac-32bit-3.68.3-58.69.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-1097.html
CVE-2022-1097
https://bugzilla.suse.com/1197903
SUSE Bug 1197903

SUSE-SU-2022:1113-1

Описание

Список пакетов

HPE Helion OpenStack 8

Image SLES12-SP4-Azure-BYOS

Image SLES12-SP4-SAP-Azure-BYOS

Image SLES12-SP4-SAP-Azure-LI-BYOS-Production

Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production

Image SLES12-SP5-Azure-BYOS

Image SLES12-SP5-Azure-Basic-On-Demand

Image SLES12-SP5-Azure-HPC-BYOS

Image SLES12-SP5-Azure-HPC-On-Demand

Image SLES12-SP5-Azure-SAP-BYOS

Image SLES12-SP5-Azure-SAP-On-Demand

Image SLES12-SP5-Azure-Standard-On-Demand

Image SLES12-SP5-EC2-BYOS

Image SLES12-SP5-EC2-ECS-On-Demand

Image SLES12-SP5-EC2-On-Demand

Image SLES12-SP5-EC2-SAP-BYOS

Image SLES12-SP5-EC2-SAP-On-Demand

Image SLES12-SP5-GCE-BYOS

Image SLES12-SP5-GCE-On-Demand

Image SLES12-SP5-GCE-SAP-BYOS

Image SLES12-SP5-GCE-SAP-On-Demand

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP3-BCL

SUSE Linux Enterprise Server 12 SP3-LTSS

SUSE Linux Enterprise Server 12 SP4-LTSS

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP3

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud Crowbar 9

Ссылки

Уязвимость: CVE-2022-1097

Описание

Затронутые продукты

Ссылки