Oval Definition:oval:org.opensuse.security:def:90263
Revision Date:2019-12-30Version:1
Title:Security update for mozilla-nspr, mozilla-nss (Moderate)
Description:

This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to NSS 3.47.1:

Security issues fixed:

- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819). - CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527). - CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).

mozilla-nspr was updated to version 4.23:

- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.
Family:unixClass:patch
Status:Reference(s):1141322
1158527
1159819
CVE-2018-18508
CVE-2019-11745
CVE-2019-17006
SUSE-SU-2019:3395-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libfreebl3-3.47.1-3.22.1 is installed
  • OR libfreebl3-32bit-3.47.1-3.22.1 is installed
  • OR libsoftokn3-3.47.1-3.22.1 is installed
  • OR libsoftokn3-32bit-3.47.1-3.22.1 is installed
  • OR mozilla-nspr-4.23-3.9.1 is installed
  • OR mozilla-nspr-32bit-4.23-3.9.1 is installed
  • OR mozilla-nspr-devel-4.23-3.9.1 is installed
  • OR mozilla-nss-3.47.1-3.22.1 is installed
  • OR mozilla-nss-32bit-3.47.1-3.22.1 is installed
  • OR mozilla-nss-certs-3.47.1-3.22.1 is installed
  • OR mozilla-nss-certs-32bit-3.47.1-3.22.1 is installed
  • OR mozilla-nss-devel-3.47.1-3.22.1 is installed
  • OR mozilla-nss-sysinit-3.47.1-3.22.1 is installed
  • OR mozilla-nss-tools-3.47.1-3.22.1 is installed
    • BACK