[ELSA-2024-12337] nss security update
Severity
Moderate
Affected Packages
13
CVEs
1
[3.90.0-6_fips]
- Add FIPS package change: add fips suffix to Release and
set Epoch to 10 [Orabug: 35862190]
- Update FIPS module name for Oracle Linux [Orabug: 35862190]
[3.90.0-6]
- Fix ecc DER wrapping.
[3.90.0-5]
- Pick up validated constant time implementations of p256, p384, and p521
from upsream
- More Fips indicator changes
[3.90.0-4]
- FIPS review changes
- add PORT_SafeZero to avoid compiler optimizing a way zeroing memory.
- update the indicators for this release
- allow hashing of longer than int32 values in a single PKCS #11 call.
[3.90.0-3.3]
- Fix expired certs in tests
- Fix CVE-2023-5388
- ID
- ELSA-2024-12337
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2024-12337.html
- Published
-
2024-04-19T00:00:00
(5 months ago) - Modified
-
2024-04-19T00:00:00
(5 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
ALAS2-2024-2456
ALSA-2024:0786
GLSA-202401-10
MFSA-2023-56
RHSA-2024:0786
RLSA-2024:0786
USN-6562-1| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2024-12337 |
|
|
| CVE | CVE-2023-6135 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/nss?distro=oraclelinux-9.3 | oraclelinux |
 nss
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-util?distro=oraclelinux-9.3 | oraclelinux |
nss-util
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-util-devel?distro=oraclelinux-9.3 | oraclelinux |
nss-util-devel
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-tools?distro=oraclelinux-9.3 | oraclelinux |
nss-tools
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-sysinit?distro=oraclelinux-9.3 | oraclelinux |
nss-sysinit
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-softokn?distro=oraclelinux-9.3 | oraclelinux |
nss-softokn
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-softokn-freebl?distro=oraclelinux-9.3 | oraclelinux |
nss-softokn-freebl
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-softokn-freebl-devel?distro=oraclelinux-9.3 | oraclelinux |
nss-softokn-freebl-devel
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-softokn-devel?distro=oraclelinux-9.3 | oraclelinux |
nss-softokn-devel
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-pkcs11-devel?distro=oraclelinux-9.3 | oraclelinux |
nss-pkcs11-devel
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nss-devel?distro=oraclelinux-9.3 | oraclelinux |
nss-devel
|
< 3.90.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nspr?distro=oraclelinux-9.3 | oraclelinux |
nspr
|
< 4.35.0-6.el9_3_fips | oraclelinux-9.3 | ||
| Affected | pkg:rpm/oraclelinux/nspr-devel?distro=oraclelinux-9.3 | oraclelinux |
nspr-devel
|
< 4.35.0-6.el9_3_fips | oraclelinux-9.3 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |