Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:0118-1

Опубликовано: 20 янв. 2023
Источник: suse-cvrf

Описание

Security update for mozilla-nss

This update for mozilla-nss fixes the following issues:

  • CVE-2022-3479: Fixed a potential crash that could be triggered when a server requested a client authentication certificate, but the client had no certificates stored (bsc#1204272).
  • Updated to version 3.79.3 (bsc#1207038):
    • CVE-2022-23491: Removed trust for 3 root certificates from TrustCor.

Список пакетов

Image SLES12-SP5-Azure-BYOS
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-Basic-On-Demand
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-HPC-BYOS
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-HPC-On-Demand
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-SAP-BYOS
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-SAP-On-Demand
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-Standard-On-Demand
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-EC2-BYOS
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-EC2-ECS-On-Demand
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-EC2-On-Demand
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-EC2-SAP-BYOS
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-EC2-SAP-On-Demand
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-GCE-BYOS
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-GCE-On-Demand
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-GCE-SAP-BYOS
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-GCE-SAP-On-Demand
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libfreebl3-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
SUSE Linux Enterprise Server 12 SP2-BCL
libfreebl3-3.79.3-58.91.1
libfreebl3-32bit-3.79.3-58.91.1
libfreebl3-hmac-3.79.3-58.91.1
libfreebl3-hmac-32bit-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
libsoftokn3-32bit-3.79.3-58.91.1
libsoftokn3-hmac-3.79.3-58.91.1
libsoftokn3-hmac-32bit-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-32bit-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
mozilla-nss-certs-32bit-3.79.3-58.91.1
mozilla-nss-sysinit-3.79.3-58.91.1
mozilla-nss-sysinit-32bit-3.79.3-58.91.1
mozilla-nss-tools-3.79.3-58.91.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libfreebl3-3.79.3-58.91.1
libfreebl3-32bit-3.79.3-58.91.1
libfreebl3-hmac-3.79.3-58.91.1
libfreebl3-hmac-32bit-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
libsoftokn3-32bit-3.79.3-58.91.1
libsoftokn3-hmac-3.79.3-58.91.1
libsoftokn3-hmac-32bit-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-32bit-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
mozilla-nss-certs-32bit-3.79.3-58.91.1
mozilla-nss-devel-3.79.3-58.91.1
mozilla-nss-sysinit-3.79.3-58.91.1
mozilla-nss-sysinit-32bit-3.79.3-58.91.1
mozilla-nss-tools-3.79.3-58.91.1
SUSE Linux Enterprise Server 12 SP5
libfreebl3-3.79.3-58.91.1
libfreebl3-32bit-3.79.3-58.91.1
libfreebl3-hmac-3.79.3-58.91.1
libfreebl3-hmac-32bit-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
libsoftokn3-32bit-3.79.3-58.91.1
libsoftokn3-hmac-3.79.3-58.91.1
libsoftokn3-hmac-32bit-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-32bit-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
mozilla-nss-certs-32bit-3.79.3-58.91.1
mozilla-nss-devel-3.79.3-58.91.1
mozilla-nss-sysinit-3.79.3-58.91.1
mozilla-nss-sysinit-32bit-3.79.3-58.91.1
mozilla-nss-tools-3.79.3-58.91.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libfreebl3-3.79.3-58.91.1
libfreebl3-32bit-3.79.3-58.91.1
libfreebl3-hmac-3.79.3-58.91.1
libfreebl3-hmac-32bit-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
libsoftokn3-32bit-3.79.3-58.91.1
libsoftokn3-hmac-3.79.3-58.91.1
libsoftokn3-hmac-32bit-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-32bit-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
mozilla-nss-certs-32bit-3.79.3-58.91.1
mozilla-nss-devel-3.79.3-58.91.1
mozilla-nss-sysinit-3.79.3-58.91.1
mozilla-nss-sysinit-32bit-3.79.3-58.91.1
mozilla-nss-tools-3.79.3-58.91.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libfreebl3-3.79.3-58.91.1
libfreebl3-32bit-3.79.3-58.91.1
libfreebl3-hmac-3.79.3-58.91.1
libfreebl3-hmac-32bit-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
libsoftokn3-32bit-3.79.3-58.91.1
libsoftokn3-hmac-3.79.3-58.91.1
libsoftokn3-hmac-32bit-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-32bit-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
mozilla-nss-certs-32bit-3.79.3-58.91.1
mozilla-nss-devel-3.79.3-58.91.1
mozilla-nss-sysinit-3.79.3-58.91.1
mozilla-nss-sysinit-32bit-3.79.3-58.91.1
mozilla-nss-tools-3.79.3-58.91.1
SUSE Linux Enterprise Software Development Kit 12 SP5
mozilla-nss-devel-3.79.3-58.91.1
SUSE OpenStack Cloud 9
libfreebl3-3.79.3-58.91.1
libfreebl3-32bit-3.79.3-58.91.1
libfreebl3-hmac-3.79.3-58.91.1
libfreebl3-hmac-32bit-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
libsoftokn3-32bit-3.79.3-58.91.1
libsoftokn3-hmac-3.79.3-58.91.1
libsoftokn3-hmac-32bit-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-32bit-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
mozilla-nss-certs-32bit-3.79.3-58.91.1
mozilla-nss-devel-3.79.3-58.91.1
mozilla-nss-sysinit-3.79.3-58.91.1
mozilla-nss-sysinit-32bit-3.79.3-58.91.1
mozilla-nss-tools-3.79.3-58.91.1
SUSE OpenStack Cloud Crowbar 9
libfreebl3-3.79.3-58.91.1
libfreebl3-32bit-3.79.3-58.91.1
libfreebl3-hmac-3.79.3-58.91.1
libfreebl3-hmac-32bit-3.79.3-58.91.1
libsoftokn3-3.79.3-58.91.1
libsoftokn3-32bit-3.79.3-58.91.1
libsoftokn3-hmac-3.79.3-58.91.1
libsoftokn3-hmac-32bit-3.79.3-58.91.1
mozilla-nss-3.79.3-58.91.1
mozilla-nss-32bit-3.79.3-58.91.1
mozilla-nss-certs-3.79.3-58.91.1
mozilla-nss-certs-32bit-3.79.3-58.91.1
mozilla-nss-devel-3.79.3-58.91.1
mozilla-nss-sysinit-3.79.3-58.91.1
mozilla-nss-sysinit-32bit-3.79.3-58.91.1
mozilla-nss-tools-3.79.3-58.91.1

Ссылки

Описание

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.

Затронутые продукты
Image SLES12-SP5-Azure-BYOS:mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-Basic-On-Demand:mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-HPC-BYOS:mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-HPC-On-Demand:mozilla-nss-certs-3.79.3-58.91.1
Ссылки

Описание

A vulnerability found in nss. By this security vulnerability, nss client auth crash without a user certificate in the database and this can lead us to a segmentation fault or crash.

Затронутые продукты
Image SLES12-SP5-Azure-BYOS:mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-Basic-On-Demand:mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-HPC-BYOS:mozilla-nss-certs-3.79.3-58.91.1
Image SLES12-SP5-Azure-HPC-On-Demand:mozilla-nss-certs-3.79.3-58.91.1
Ссылки