Critical Mozilla NSS Integrity Tests for openSUSE Leap Micro 5.2 Update
suse
September 1, 2022
An update that solves one vulnerability and has 6 fixes is now available
Summary
This update for mozilla-nss fixes the following issues: Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4: - Makes the PBKDF known answer test compliant with NIST SP800-132. (bsc#1192079). - FIPS: Add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck() (bsc#1198980). - FIPS: mark algorithms as approved/non-approved according to security policy (bsc#1191546, bsc#1201298). - FIPS: remove hard disabling of unapproved algorithms. This requirement is now fulfilled by the service level indicator (bsc#1200325). - Run test suite at build time, and make it pass (bsc#1198486). - FIPS: skip algorithms that are hard disabled in FIPS mode. - Prevent expired PayPalEE cert from failing the tests. - Allow checksumming to be disabled, but only if we entered FIPS mode due
References
#1192079 #1192080 #1192086 #1192087 #1192228
#1198486 #1200027
Cross- CVE-2022-31741
CVSS scores:
CVE-2022-31741 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap Micro 5.2
https://www.suse.com/security/cve/CVE-2022-31741.html
https://bugzilla.suse.com/1192079
https://bugzilla.suse.com/1192080
https://bugzilla.suse.com/1192086
https://bugzilla.suse.com/1192087
https://bugzilla.suse.com/1192228
https://bugzilla.suse.com/1198486
https://bugzilla.suse.com/1200027
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2022:2533-2
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!