Oval Definition:
oval:org.opensuse.security:def:93367
Revision Date
:
2019-12-30
Version
:
1
Title
:
(Moderate)
Description
:
This update for mozilla-nspr, mozilla-nss fixes the following issues:
mozilla-nss was updated to NSS 3.47.1:
Security issues fixed:
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819). - CVE-2019-11745: EncryptUpdate should use maxout, not block size (bsc#1158527). - CVE-2019-11727: Fixed vulnerability sign CertificateVerify with PKCS#1 v1.5 signatures issue (bsc#1141322).
mozilla-nspr was updated to version 4.23:
- Whitespace in C files was cleaned up and no longer uses tab characters for indenting.
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1141322
1158194
1158527
1159819
CVE-2018-18508
CVE-2019-11745
CVE-2019-17006
CVE-2019-19451
SUSE-SU-2019:3391-1
Platform(s)
:
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
AND
Package Information
dia-0.97.3-4.3.3 is installed
OR
dia-lang-0.97.3-4.3.3 is installed
Definition Synopsis
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2 is installed
AND
mozilla-nspr-4.23-3.9.1 is installed
BACK