## This update for mozilla-nss fixes the following issues: * update to NSS 3.101.2 * ChaChaXor to return after the function * update to NSS 3.101.1 * missing sqlite header. * GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME. * update to NSS 3.101 * add diagnostic assertions for SFTKObject refcount. * freeing the slot in DeleteCertAndKey if authentication failed * fix formatting issues. * Add Firmaprofesional CA Root-A Web to NSS. * remove invalid acvp fuzz test vectors. * pad short P-384 and P-521 signatures gtests. * remove unused FreeBL ECC code. * pad short P-384 and P-521 signatures. * be less strict about ECDSA private key length. * Integrate HACL* P-521. * Integrate HACL* P-384. * memory leak in create_objects_from_handles. * ensure all input is consumed in a few places in mozilla::pkix
* bsc#1214980
* bsc#1216198
* bsc#1222804
* bsc#1222807
* bsc#1222811
* bsc#1222813
* bsc#1222814
* bsc#1222821
* bsc#1222822
* bsc#1222826
* bsc#1222828
* bsc#1222830
* bsc#1222833
* bsc#1222834
* bsc#1223724
* bsc#1224113
* bsc#1224115
* bsc#1224116
* bsc#1224118
* bsc#1227918
* jsc#PED-6358
Cross-
* CVE-2023-5388
CVSS scores:
* CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-5388 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Affected Products:
* SUSE Linux Micro 6.0
An update that solves one vulnerability, contains one feature and has 19 fixes
can now be installed.
##
* https://www.suse.com/security/cve/CVE-2023-5388.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214980
* https://bugzilla.suse.com/show_bug.cgi?id=1216198
Get the latest Linux and open source security news straight to your inbox.