Oval Definition:oval:org.opensuse.security:def:65530
Revision Date:2020-12-01Version:1
Title:Security update for mozilla-nspr, mozilla-nss (Moderate)
Description:

This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to NSS 3.47.1:

Security issues fixed:

- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819). - CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527). - CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).

mozilla-nspr was updated to version 4.23:

- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.
Family:unixClass:patch
Status:Reference(s):1141322
1158527
1159819
1173948
CVE-2018-18508
CVE-2019-11745
CVE-2019-17006
SUSE-SU-2019:3395-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libfreebl3-hmac-32bit-3.47.1-3.22 is installed
  • OR libsoftokn3-hmac-32bit-3.47.1-3.22 is installed
  • OR mozilla-nss-3.47.1-3.22 is installed
  • OR mozilla-nss-sysinit-32bit-3.47.1-3.22 is installed
  • BACK