[ELSA-2024-12337] nss security update
Severity
Moderate
Affected Packages
13
CVEs
1
[3.90.0-6_fips]
- Add FIPS package change: add fips suffix to Release and
set Epoch to 10 [Orabug: 35862190]
- Update FIPS module name for Oracle Linux [Orabug: 35862190]
[3.90.0-6]
- Fix ecc DER wrapping.
[3.90.0-5]
- Pick up validated constant time implementations of p256, p384, and p521
from upsream
- More Fips indicator changes
[3.90.0-4]
- FIPS review changes
- add PORT_SafeZero to avoid compiler optimizing a way zeroing memory.
- update the indicators for this release
- allow hashing of longer than int32 values in a single PKCS #11 call.
[3.90.0-3.3]
- Fix expired certs in tests
- Fix CVE-2023-5388
- ID
- ELSA-2024-12337
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2024-12337.html
- Published
-
2024-04-19T00:00:00
(5 months ago) - Modified
-
2024-04-19T00:00:00
(5 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2024-12337 | https://linux.oracle.com/errata/ELSA-2024-12337.html | |
CVE | CVE-2023-6135 | https://linux.oracle.com/cve/CVE-2023-6135.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/nss?distro=oraclelinux-9.3 | oraclelinux | nss | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-util?distro=oraclelinux-9.3 | oraclelinux | nss-util | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-util-devel?distro=oraclelinux-9.3 | oraclelinux | nss-util-devel | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-tools?distro=oraclelinux-9.3 | oraclelinux | nss-tools | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-sysinit?distro=oraclelinux-9.3 | oraclelinux | nss-sysinit | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-softokn?distro=oraclelinux-9.3 | oraclelinux | nss-softokn | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-softokn-freebl?distro=oraclelinux-9.3 | oraclelinux | nss-softokn-freebl | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-softokn-freebl-devel?distro=oraclelinux-9.3 | oraclelinux | nss-softokn-freebl-devel | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-softokn-devel?distro=oraclelinux-9.3 | oraclelinux | nss-softokn-devel | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-pkcs11-devel?distro=oraclelinux-9.3 | oraclelinux | nss-pkcs11-devel | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nss-devel?distro=oraclelinux-9.3 | oraclelinux | nss-devel | < 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nspr?distro=oraclelinux-9.3 | oraclelinux | nspr | < 4.35.0-6.el9_3_fips | oraclelinux-9.3 | ||
Affected | pkg:rpm/oraclelinux/nspr-devel?distro=oraclelinux-9.3 | oraclelinux | nspr-devel | < 4.35.0-6.el9_3_fips | oraclelinux-9.3 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |