Описание
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues:
Security issues fixed:
- CVE-2018-12404: Cache side-channel variant of the Bleichenbacher attack (bsc#1119069).
Non-security issue fixed:
- Update to mozilla-nss 3.41.1
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
libfreebl3-3.41.1-lp150.2.16.1
libfreebl3-32bit-3.41.1-lp150.2.16.1
libfreebl3-hmac-3.41.1-lp150.2.16.1
libfreebl3-hmac-32bit-3.41.1-lp150.2.16.1
libsoftokn3-3.41.1-lp150.2.16.1
libsoftokn3-32bit-3.41.1-lp150.2.16.1
libsoftokn3-hmac-3.41.1-lp150.2.16.1
libsoftokn3-hmac-32bit-3.41.1-lp150.2.16.1
mozilla-nss-3.41.1-lp150.2.16.1
mozilla-nss-32bit-3.41.1-lp150.2.16.1
mozilla-nss-certs-3.41.1-lp150.2.16.1
mozilla-nss-certs-32bit-3.41.1-lp150.2.16.1
mozilla-nss-devel-3.41.1-lp150.2.16.1
mozilla-nss-sysinit-3.41.1-lp150.2.16.1
mozilla-nss-sysinit-32bit-3.41.1-lp150.2.16.1
mozilla-nss-tools-3.41.1-lp150.2.16.1
Ссылки
- E-Mail link for openSUSE-SU-2019:0183-1
- SUSE Security Ratings
- SUSE Bug 1119069
- SUSE CVE CVE-2018-12404 page
Описание
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.
Затронутые продукты
openSUSE Leap 15.0:libfreebl3-3.41.1-lp150.2.16.1
openSUSE Leap 15.0:libfreebl3-32bit-3.41.1-lp150.2.16.1
openSUSE Leap 15.0:libfreebl3-hmac-3.41.1-lp150.2.16.1
openSUSE Leap 15.0:libfreebl3-hmac-32bit-3.41.1-lp150.2.16.1
Ссылки
- CVE-2018-12404
- SUSE Bug 1119069
- SUSE Bug 1119105
- SUSE Bug 1121207