Oval Definition:oval:org.opensuse.security:def:68940
Revision Date:2020-12-01Version:1
Title:Security update for mozilla-nspr, mozilla-nss (Important)
Description:

This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to version 3.53

- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978). - CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819). Release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes

mozilla-nspr to version 4.25
Family:unixClass:patch
Status:Reference(s):1100369
1109160
1118367
1118368
1128220
1156205
1157051
1159819
1161168
1169746
1170667
1170713
1171313
1171740
1171978
1172958
1173307
1173311
1173983
1175443
1176092
1176674
906079
CVE-2017-3136
CVE-2018-5741
CVE-2019-17006
CVE-2019-6477
CVE-2020-12399
CVE-2020-8616
CVE-2020-8617
CVE-2020-8618
CVE-2020-8619
CVE-2020-8620
CVE-2020-8621
CVE-2020-8622
CVE-2020-8623
CVE-2020-8624
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libfreebl3-hmac-32bit-3.53-3.40 is installed
  • OR libsoftokn3-hmac-32bit-3.53-3.40 is installed
  • OR mozilla-nss-3.53-3.40 is installed
  • OR mozilla-nss-sysinit-32bit-3.53-3.40 is installed
    • BACK