Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2020:1839-1 Important Mozilla-nspr, Mozilla-nss Threat Update

suse
Calendar Grey July 3, 2020
Dist Suse Esm H88
SUSE security patch addresses multiple vulnerabilities in mozilla-nspr and mozilla-nss for different distributions.
An update that solves three vulnerabilities and has three fixes is now available

Summary

This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation (bsc#1173032). - CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978). - CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819). - Fixed various FIPS issues in libfreebl3 which were causing segfaults in the test suite of chrony (bsc#1168669). - Fixed an issue where Firefox tab was crashing (bsc#1170908). Release notes: ase_notes mozilla-nspr to version 4.25 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Topics%20covered

Topics Covered

security advisory update threat important suse mozilla-nss mozilla-nspr

References

#1159819 #1168669 #1169746 #1170908 #1171978

#1173022

Cross- CVE-2019-17006 CVE-2020-12399 CVE-2020-12402

Affected Products:

SUSE OpenStack Cloud Crowbar 9

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Server for SAP 12-SP4

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server 12-SP4-LTSS

SUSE Linux Enterprise Server 12-SP3-LTSS

SUSE Linux Enterprise Server 12-SP3-BCL

SUSE Linux Enterprise Server 12-SP2-LTSS

SUSE Linux Enterprise ...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:1839-1
Rating: important

Topics%20covered

Topics Covered

security advisory update threat important suse mozilla-nss mozilla-nspr

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here