Описание
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues:
Update to NSS 3.90.2:
- CVE-2023-5388: Fixed timing attack against RSA decryption in TLS (bsc#1216198)
Список пакетов
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Image SLES15-SP3-BYOS-Azure
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-BYOS-EC2-HVM
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-BYOS-GCE
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-HPC-BYOS-Azure
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-HPC-BYOS-GCE
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Image SLES15-SP3-SAP-BYOS-Azure
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Image SLES15-SP3-SAP-BYOS-GCE
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Image SLES15-SP3-SAPCAL-Azure
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
Image SLES15-SP3-SAPCAL-GCE
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
SUSE Enterprise Storage 7.1
libfreebl3-3.90.2-150000.3.108.1
libfreebl3-32bit-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
libsoftokn3-32bit-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-32bit-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-certs-32bit-3.90.2-150000.3.108.1
mozilla-nss-devel-3.90.2-150000.3.108.1
mozilla-nss-sysinit-3.90.2-150000.3.108.1
mozilla-nss-sysinit-32bit-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libfreebl3-3.90.2-150000.3.108.1
libfreebl3-32bit-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
libsoftokn3-32bit-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-32bit-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-certs-32bit-3.90.2-150000.3.108.1
mozilla-nss-devel-3.90.2-150000.3.108.1
mozilla-nss-sysinit-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libfreebl3-3.90.2-150000.3.108.1
libfreebl3-32bit-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
libsoftokn3-32bit-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-32bit-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-certs-32bit-3.90.2-150000.3.108.1
mozilla-nss-devel-3.90.2-150000.3.108.1
mozilla-nss-sysinit-3.90.2-150000.3.108.1
mozilla-nss-sysinit-32bit-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise Micro 5.1
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise Micro 5.2
libfreebl3-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libfreebl3-3.90.2-150000.3.108.1
libfreebl3-32bit-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
libsoftokn3-32bit-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-32bit-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-certs-32bit-3.90.2-150000.3.108.1
mozilla-nss-devel-3.90.2-150000.3.108.1
mozilla-nss-sysinit-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libfreebl3-3.90.2-150000.3.108.1
libfreebl3-32bit-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
libsoftokn3-32bit-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-32bit-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-certs-32bit-3.90.2-150000.3.108.1
mozilla-nss-devel-3.90.2-150000.3.108.1
mozilla-nss-sysinit-3.90.2-150000.3.108.1
mozilla-nss-sysinit-32bit-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libfreebl3-3.90.2-150000.3.108.1
libfreebl3-32bit-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
libsoftokn3-32bit-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-32bit-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-certs-32bit-3.90.2-150000.3.108.1
mozilla-nss-devel-3.90.2-150000.3.108.1
mozilla-nss-sysinit-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libfreebl3-3.90.2-150000.3.108.1
libfreebl3-32bit-3.90.2-150000.3.108.1
libsoftokn3-3.90.2-150000.3.108.1
libsoftokn3-32bit-3.90.2-150000.3.108.1
mozilla-nss-3.90.2-150000.3.108.1
mozilla-nss-32bit-3.90.2-150000.3.108.1
mozilla-nss-certs-3.90.2-150000.3.108.1
mozilla-nss-certs-32bit-3.90.2-150000.3.108.1
mozilla-nss-devel-3.90.2-150000.3.108.1
mozilla-nss-sysinit-3.90.2-150000.3.108.1
mozilla-nss-sysinit-32bit-3.90.2-150000.3.108.1
mozilla-nss-tools-3.90.2-150000.3.108.1
Ссылки
- Link for SUSE-SU-2024:0579-1
- E-Mail link for SUSE-SU-2024:0579-1
- SUSE Security Ratings
- SUSE Bug 1216198
- SUSE CVE CVE-2023-5388 page
Описание
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libfreebl3-3.90.2-150000.3.108.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libsoftokn3-3.90.2-150000.3.108.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:mozilla-nss-3.90.2-150000.3.108.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:mozilla-nss-certs-3.90.2-150000.3.108.1
Ссылки
- CVE-2023-5388
- SUSE Bug 1216198
- SUSE Bug 1221327