Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2024:2600-1 Moderate: Mozilla NSS Security Enhancements

suse
Calendar Grey July 23, 2024
Dist Suse Esm H88
A recent security update for Mozilla NSS has been released for SUSE to fix a vulnerability rated as moderately severe. Detailed installation guidelines are provided.
* bsc#1214980 * bsc#1222804 * bsc#1222807 * bsc#1222811 * bsc#1222813

Summary

## This update for mozilla-nss fixes the following issues: * FIPS: Added more safe memset (bsc#1222811). * FIPS: Adjusted AES GCM restrictions (bsc#1222830). * FIPS: Adjusted approved ciphers (bsc#1222813, bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118, bsc#1222807, bsc#1222828, bsc#1222834, bsc#1222804, bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116). Update to NSS 3.101.1: * GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME. update to NSS 3.101: * add diagnostic assertions for SFTKObject refcount. * freeing the slot in DeleteCertAndKey if authentication failed * fix formatting issues. * Add Firmaprofesional CA Root-A Web to NSS. * remove invalid acvp fuzz test vectors. * pad short P-384 and P-521 signatures gtests. * remove unused FreeBL ECC code.

Topics%20covered

Topics Covered

security advisory security update moderate severity SUSE Linux Enterprise mozilla-nss

References

* bsc#1214980

* bsc#1222804

* bsc#1222807

* bsc#1222811

* bsc#1222813

* bsc#1222814

* bsc#1222821

* bsc#1222822

* bsc#1222826

* bsc#1222828

* bsc#1222830

* bsc#1222833

* bsc#1222834

* bsc#1224113

* bsc#1224115

* bsc#1224116

* bsc#1224118

Cross-

* CVE-2023-5388

CVSS scores:

* CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Enterprise Storage 7.1

* SUSE Linux Enterprise High Performance Computing 15 SP2

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2

* SUSE Linux Enterprise High Performance Computing 15 SP3

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3

* SUSE Linux Enterprise Micro 5.1

* SUSE Linux Enterprise Micro 5.2

* SUSE Linux Enterprise Micro for Rancher 5.2

* SUSE Linux Enterprise Server 15 SP2

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2600-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory security update moderate severity SUSE Linux Enterprise mozilla-nss

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here