Описание
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues:
- Move NSS DB password hash away from SHA-1.
Update to NSS 3.112.2:
- Prevent leaks during pkcs12 decoding.
- SEC_ASN1Decode* should ensure it has read as many bytes as each length field indicates
Update to NSS 3.112.1:
- restore support for finding certificates by decoded serial number.
Список пакетов
SUSE Enterprise Storage 7.1
libfreebl3-3.112.2-150000.3.132.1
libfreebl3-32bit-3.112.2-150000.3.132.1
libsoftokn3-3.112.2-150000.3.132.1
libsoftokn3-32bit-3.112.2-150000.3.132.1
mozilla-nss-3.112.2-150000.3.132.1
mozilla-nss-32bit-3.112.2-150000.3.132.1
mozilla-nss-certs-3.112.2-150000.3.132.1
mozilla-nss-certs-32bit-3.112.2-150000.3.132.1
mozilla-nss-devel-3.112.2-150000.3.132.1
mozilla-nss-sysinit-3.112.2-150000.3.132.1
mozilla-nss-sysinit-32bit-3.112.2-150000.3.132.1
mozilla-nss-tools-3.112.2-150000.3.132.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libfreebl3-3.112.2-150000.3.132.1
libfreebl3-32bit-3.112.2-150000.3.132.1
libsoftokn3-3.112.2-150000.3.132.1
libsoftokn3-32bit-3.112.2-150000.3.132.1
mozilla-nss-3.112.2-150000.3.132.1
mozilla-nss-32bit-3.112.2-150000.3.132.1
mozilla-nss-certs-3.112.2-150000.3.132.1
mozilla-nss-certs-32bit-3.112.2-150000.3.132.1
mozilla-nss-devel-3.112.2-150000.3.132.1
mozilla-nss-sysinit-3.112.2-150000.3.132.1
mozilla-nss-sysinit-32bit-3.112.2-150000.3.132.1
mozilla-nss-tools-3.112.2-150000.3.132.1
SUSE Linux Enterprise Micro 5.1
libfreebl3-3.112.2-150000.3.132.1
libsoftokn3-3.112.2-150000.3.132.1
mozilla-nss-3.112.2-150000.3.132.1
mozilla-nss-certs-3.112.2-150000.3.132.1
mozilla-nss-tools-3.112.2-150000.3.132.1
SUSE Linux Enterprise Micro 5.2
libfreebl3-3.112.2-150000.3.132.1
libsoftokn3-3.112.2-150000.3.132.1
mozilla-nss-3.112.2-150000.3.132.1
mozilla-nss-certs-3.112.2-150000.3.132.1
mozilla-nss-tools-3.112.2-150000.3.132.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libfreebl3-3.112.2-150000.3.132.1
libfreebl3-32bit-3.112.2-150000.3.132.1
libsoftokn3-3.112.2-150000.3.132.1
libsoftokn3-32bit-3.112.2-150000.3.132.1
mozilla-nss-3.112.2-150000.3.132.1
mozilla-nss-32bit-3.112.2-150000.3.132.1
mozilla-nss-certs-3.112.2-150000.3.132.1
mozilla-nss-certs-32bit-3.112.2-150000.3.132.1
mozilla-nss-devel-3.112.2-150000.3.132.1
mozilla-nss-sysinit-3.112.2-150000.3.132.1
mozilla-nss-sysinit-32bit-3.112.2-150000.3.132.1
mozilla-nss-tools-3.112.2-150000.3.132.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libfreebl3-3.112.2-150000.3.132.1
libfreebl3-32bit-3.112.2-150000.3.132.1
libsoftokn3-3.112.2-150000.3.132.1
libsoftokn3-32bit-3.112.2-150000.3.132.1
mozilla-nss-3.112.2-150000.3.132.1
mozilla-nss-32bit-3.112.2-150000.3.132.1
mozilla-nss-certs-3.112.2-150000.3.132.1
mozilla-nss-certs-32bit-3.112.2-150000.3.132.1
mozilla-nss-devel-3.112.2-150000.3.132.1
mozilla-nss-sysinit-3.112.2-150000.3.132.1
mozilla-nss-sysinit-32bit-3.112.2-150000.3.132.1
mozilla-nss-tools-3.112.2-150000.3.132.1
Ссылки
- Link for SUSE-SU-2025:3760-1
- E-Mail link for SUSE-SU-2025:3760-1
- SUSE Security Ratings
- SUSE Bug 1251263
- SUSE CVE CVE-2025-9187 page
Описание
Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142 and Thunderbird < 142.
Затронутые продукты
SUSE Enterprise Storage 7.1:libfreebl3-3.112.2-150000.3.132.1
SUSE Enterprise Storage 7.1:libfreebl3-32bit-3.112.2-150000.3.132.1
SUSE Enterprise Storage 7.1:libsoftokn3-3.112.2-150000.3.132.1
SUSE Enterprise Storage 7.1:libsoftokn3-32bit-3.112.2-150000.3.132.1
Ссылки
- CVE-2025-9187
- SUSE Bug 1248162