Oval Definition:
oval:org.opensuse.security:def:65530
Revision Date
:
2020-12-01
Version
:
1
Title
:
Security update for mozilla-nspr, mozilla-nss (Moderate)
Description
:
This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to NSS 3.47.1:
Security issues fixed:
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819). - CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527). - CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).
mozilla-nspr was updated to version 4.23:
- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1141322
1158527
1159819
1173948
CVE-2018-18508
CVE-2019-11745
CVE-2019-17006
SUSE-SU-2019:3395-1
Platform(s)
:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
AND
Package Information
libfreebl3-hmac-32bit-3.47.1-3.22 is installed
OR
libsoftokn3-hmac-32bit-3.47.1-3.22 is installed
OR
mozilla-nss-3.47.1-3.22 is installed
OR
mozilla-nss-sysinit-32bit-3.47.1-3.22 is installed
BACK