Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

openSUSE 15.4 SUSE-SU-2023:0434-1 Important: Mozilla-NSS Security Fix

opensuse
Calendar Grey February 16, 2023
Dist Opensuse Esm H88
Enhancement in mozilla-nss improves processing of unrecognized PKCS#12 safe bag varieties, incorporating critical security protocols.
An update that fixes one vulnerability is now available.

Description

This update for mozilla-nss fixes the following issues:

Updated to NSS 3.79.4 (bsc#1208138):

- CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types.

Topics%20covered

Topics Covered

security advisory security fix important openSUSE mozilla-nss PKCS12 handling

Patch

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap Micro 5.3:

zypper in -t patch openSUSE-Leap-Micro-5.3-2023-434=1

- openSUSE Leap 15.4:

zypper in -t patch openSUSE-SLE-15.4-2023-434=1

- SUSE Linux Enterprise Module for Basesystem 15-SP4:

zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-434=1

- SUSE Linux Enterprise Micro 5.3:

zypper in -t patch SUSE-SLE-Micro-5.3-2023-434=1

Package List

- openSUSE Leap Micro 5.3 (aarch64 x86_64):

libfreebl3-3.79.4-150400.3.26.1

libfreebl3-debuginfo-3.79.4-150400.3.26.1

libfreebl3-hmac-3.79.4-150400.3.26.1

libsoftokn3-3.79.4-150400.3.26.1

libsoftokn3-debuginfo-3.79.4-150400.3.26.1

libsoftokn3-hmac-3.79.4-150400.3.26.1

mozilla-nss-3.79.4-150400.3.26.1

mozilla-nss-certs-3.79.4-150400.3.26.1

mozilla-nss-certs-debuginfo-3.79.4-150400.3.26.1

mozilla-nss-debuginfo-3.79.4-150400.3.26.1

mozilla-nss-debugsource-3.79.4-150400.3.26.1

mozilla-nss-tools-3.79.4-150400.3.26.1

mozilla-nss-tools-debuginfo-3.79.4-150400.3.26.1

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):

libfreebl3-3.79.4-150400.3.26.1

libfreebl3-debuginfo-3.79.4-150400.3.26.1

libfreebl3-hmac-3.79.4-150400.3.26.1

libsoftokn3-3.79.4-150400.3.26.1

libsoftokn3-debuginfo-3.79.4-150400.3.26.1

libsoftokn3-hmac-3.79.4-150400.3.26.1

mozilla-nss-3.79.4-150400.3.26.1

mozilla-nss-certs-3.79.4-150400.3.26.1

mozilla-nss-certs-debuginfo-3.79.4-150400.3.26.1

mozilla-nss-debuginfo-3.79.4-150400.3.26.1

mozilla-nss-debug...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2023-0767.html

https://bugzilla.suse.com/1208138

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:0434-1
Rating: important
Affected Products: SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 openSUSE Leap 15.4 openSUSE Leap Micro 5.3

Topics%20covered

Topics Covered

security advisory security fix important openSUSE mozilla-nss PKCS12 handling

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here