SciLinux: SLSA-2019-4190-1 Important: nss, nss-softokn, nss-util on SL7.x x86_64

    Date 11 Dec 2019
    327
    Posted By LinuxSecurity Advisories
    nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) SL7 x86_64 nss-3.44.0-7.el7_7.i686.rpm nss-3.44.0-7.el7_7.x86_64.rpm nss-debuginfo-3.44.0-7.el7_7.i686.rpm nss-debuginfo-3.44.0-7.el7_7.x86_64.rpm nss-so [More...]
    Synopsis:          Important: nss, nss-softokn, nss-util security update
    Advisory ID:       SLSA-2019:4190-1
    Issue Date:        2019-12-10
    CVE Numbers:       None
    --
    
    Security Fix(es):
    
    * nss: Out-of-bounds write when passing an output buffer smaller than the
    block size to NSC_EncryptUpdate (CVE-2019-11745)
    
    * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation
    fault (CVE-2019-11729)
    --
    
    SL7
      x86_64
        nss-3.44.0-7.el7_7.i686.rpm
        nss-3.44.0-7.el7_7.x86_64.rpm
        nss-debuginfo-3.44.0-7.el7_7.i686.rpm
        nss-debuginfo-3.44.0-7.el7_7.x86_64.rpm
        nss-softokn-3.44.0-8.el7_7.i686.rpm
        nss-softokn-3.44.0-8.el7_7.x86_64.rpm
        nss-softokn-debuginfo-3.44.0-8.el7_7.i686.rpm
        nss-softokn-debuginfo-3.44.0-8.el7_7.x86_64.rpm
        nss-softokn-freebl-3.44.0-8.el7_7.i686.rpm
        nss-softokn-freebl-3.44.0-8.el7_7.x86_64.rpm
        nss-sysinit-3.44.0-7.el7_7.x86_64.rpm
        nss-tools-3.44.0-7.el7_7.x86_64.rpm
        nss-util-3.44.0-4.el7_7.i686.rpm
        nss-util-3.44.0-4.el7_7.x86_64.rpm
        nss-util-debuginfo-3.44.0-4.el7_7.i686.rpm
        nss-util-debuginfo-3.44.0-4.el7_7.x86_64.rpm
        nss-devel-3.44.0-7.el7_7.i686.rpm
        nss-devel-3.44.0-7.el7_7.x86_64.rpm
        nss-pkcs11-devel-3.44.0-7.el7_7.i686.rpm
        nss-pkcs11-devel-3.44.0-7.el7_7.x86_64.rpm
        nss-softokn-devel-3.44.0-8.el7_7.i686.rpm
        nss-softokn-devel-3.44.0-8.el7_7.x86_64.rpm
        nss-softokn-freebl-devel-3.44.0-8.el7_7.i686.rpm
        nss-softokn-freebl-devel-3.44.0-8.el7_7.x86_64.rpm
        nss-util-devel-3.44.0-4.el7_7.i686.rpm
        nss-util-devel-3.44.0-4.el7_7.x86_64.rpm
    
    - Scientific Linux Development Team
    

    LinuxSecurity Poll

    Have you ever used tcpdump for network troubleshooting or debugging?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/36-have-you-ever-used-tcpdump-for-network-troubleshooting-or-debugging?task=poll.vote&format=json
    36
    radio
    [{"id":"125","title":"Yes","votes":"36","type":"x","order":"1","pct":80,"resources":[]},{"id":"126","title":"No ","votes":"9","type":"x","order":"2","pct":20,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.