Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1406: Red Hat Security Advisory: nss security update

An update for nss is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.
Red Hat Security Data
#vulnerability#linux#red_hat#firefox#sap

Issued:

2023-03-22

Updated:

2023-03-22

RHSA-2023:1406 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: nss security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for nss is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

  • nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12

Red Hat Enterprise Linux Server - AUS 8.2

SRPM

nss-3.53.1-13.el8_2.src.rpm

SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed

x86_64

nss-3.53.1-13.el8_2.i686.rpm

SHA-256: bfac84e058a23cb58fa355755f6c5e85b9048263e02890b76c8de3a26bccfbea

nss-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 30daab401b3a7aafa43d7702c4328f0ef30427d59d30698be2f6ce250cba31e8

nss-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: 4abf773d7e397d369511cc06f76ffd4262992fe41433492bc0295ba0812add46

nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: b12f9891746b928766a9f05193652d28ae1da1b35dcba8494af37331eb4307a3

nss-debugsource-3.53.1-13.el8_2.i686.rpm

SHA-256: bf22dd110bb2660df6a64ac9d8890f4e15513bbe9220e06ad81dff817a0bb6a0

nss-debugsource-3.53.1-13.el8_2.x86_64.rpm

SHA-256: f0add90cbcf2b11f13cd71ef0e7fcae794a76d7b91eaccc57c63a93102b023af

nss-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 01a26ce6c9471da9008f2c3a98b4e4bde77061a5c3671c62fae15c6f15537ef5

nss-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: e23566eada27790b3459cf44e2bce573edd49814a35c4924ab0c71c6f805a8c0

nss-softokn-3.53.1-13.el8_2.i686.rpm

SHA-256: 6d05b576f50acc40b4ee9ff44e703f017ced7559ce6f6a6eae4dcb49d1c94ad7

nss-softokn-3.53.1-13.el8_2.x86_64.rpm

SHA-256: adc3a6659fc99d3058d563d5b6f2546f5d0b5eeb38456876ccc9fe02626eb386

nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: a1214e4dbdf7d5d3d11fefb322497a5a592db10e4044b19442141e311ecc16bc

nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 4bceecf0dfe8b9ff11a79c1ff3cb3f39f7f204caf665067542322140a32716b9

nss-softokn-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 74d4229936243ab0a2b4156904d91a465953c9747abf52296928956b15440961

nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 47dc7ce9b2df39715453ab993046ebdf3899403b83f63858c863832cb0a17126

nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm

SHA-256: 3830a9d1882b6ef9cccbb91627de606a61cbe1b7e7e0c06fa52fe37aaf38f234

nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 83e9508043bef098477b71adf12f9365362c8c502204f109bc26e9d00bb2edef

nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: b2a9ae655ca4625c84095fbc45939efbe9e3f347a8e2be1288852883b022f7c5

nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 5aebf36a9897a9d64a527628ee08245c4ea157c594f156557d7369d01f60dd40

nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 0f249369f1c6e7322d81741f8762ef0ba144bf2a15f53d33a6d36493690cb051

nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 6ac5bb7b98415084ac793f4b8071434320fb6b4598c2d9dbb81ca094a759a061

nss-sysinit-3.53.1-13.el8_2.x86_64.rpm

SHA-256: c91e699b9d5c690d60f955ef4ff9607655af042c718f2adfc3d9d74de4e1244a

nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: b52ff7b3360eae5985fefc69c9e4837b773fedefa23588c9b550ae37e1990daa

nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: f53f680cc079ed49f208d688739f9eef7a473b9ac0bd9e93c3f3387e85b9ffd2

nss-tools-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 01831029e73ec789322f322dbf7dc07235fd000846c7d151f4b3200fbf3f88b3

nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: 884b0d35551a207191fabd6af7e6dd2a184496f15ed28f96c5a3a39a74427e35

nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: e85c44dd05fe2e25f600c94c22222020e3ff40d4acbe30d510e8d59298118891

nss-util-3.53.1-13.el8_2.i686.rpm

SHA-256: 9b0295bccf125c02235dd9bcfedbc222f495b76e54481b4904e81180b3e91518

nss-util-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 3449d83b2cfe0f1af4b0f5d8149a2ad9105351a7f7bc69767edf92201e29ea2f

nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: be762cca81af28759669a95ab24ffd133612f598ceb7f63109434c71afe7e25f

nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 863f4cd539747f044073af696100b32218804fe359fdb715fa666408d41d16cd

nss-util-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: c5e63a4cd2dfccbe26621444d178d65485bd5603b538b026d4daef581b52e8b9

nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 1fb5063de1561f86d958fc9362fb33b23d0910f02c2deb12ce6889a7a747bc82

Red Hat Enterprise Linux Server - TUS 8.2

SRPM

nss-3.53.1-13.el8_2.src.rpm

SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed

x86_64

nss-3.53.1-13.el8_2.i686.rpm

SHA-256: bfac84e058a23cb58fa355755f6c5e85b9048263e02890b76c8de3a26bccfbea

nss-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 30daab401b3a7aafa43d7702c4328f0ef30427d59d30698be2f6ce250cba31e8

nss-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: 4abf773d7e397d369511cc06f76ffd4262992fe41433492bc0295ba0812add46

nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: b12f9891746b928766a9f05193652d28ae1da1b35dcba8494af37331eb4307a3

nss-debugsource-3.53.1-13.el8_2.i686.rpm

SHA-256: bf22dd110bb2660df6a64ac9d8890f4e15513bbe9220e06ad81dff817a0bb6a0

nss-debugsource-3.53.1-13.el8_2.x86_64.rpm

SHA-256: f0add90cbcf2b11f13cd71ef0e7fcae794a76d7b91eaccc57c63a93102b023af

nss-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 01a26ce6c9471da9008f2c3a98b4e4bde77061a5c3671c62fae15c6f15537ef5

nss-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: e23566eada27790b3459cf44e2bce573edd49814a35c4924ab0c71c6f805a8c0

nss-softokn-3.53.1-13.el8_2.i686.rpm

SHA-256: 6d05b576f50acc40b4ee9ff44e703f017ced7559ce6f6a6eae4dcb49d1c94ad7

nss-softokn-3.53.1-13.el8_2.x86_64.rpm

SHA-256: adc3a6659fc99d3058d563d5b6f2546f5d0b5eeb38456876ccc9fe02626eb386

nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: a1214e4dbdf7d5d3d11fefb322497a5a592db10e4044b19442141e311ecc16bc

nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 4bceecf0dfe8b9ff11a79c1ff3cb3f39f7f204caf665067542322140a32716b9

nss-softokn-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 74d4229936243ab0a2b4156904d91a465953c9747abf52296928956b15440961

nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 47dc7ce9b2df39715453ab993046ebdf3899403b83f63858c863832cb0a17126

nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm

SHA-256: 3830a9d1882b6ef9cccbb91627de606a61cbe1b7e7e0c06fa52fe37aaf38f234

nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 83e9508043bef098477b71adf12f9365362c8c502204f109bc26e9d00bb2edef

nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: b2a9ae655ca4625c84095fbc45939efbe9e3f347a8e2be1288852883b022f7c5

nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 5aebf36a9897a9d64a527628ee08245c4ea157c594f156557d7369d01f60dd40

nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 0f249369f1c6e7322d81741f8762ef0ba144bf2a15f53d33a6d36493690cb051

nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 6ac5bb7b98415084ac793f4b8071434320fb6b4598c2d9dbb81ca094a759a061

nss-sysinit-3.53.1-13.el8_2.x86_64.rpm

SHA-256: c91e699b9d5c690d60f955ef4ff9607655af042c718f2adfc3d9d74de4e1244a

nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: b52ff7b3360eae5985fefc69c9e4837b773fedefa23588c9b550ae37e1990daa

nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: f53f680cc079ed49f208d688739f9eef7a473b9ac0bd9e93c3f3387e85b9ffd2

nss-tools-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 01831029e73ec789322f322dbf7dc07235fd000846c7d151f4b3200fbf3f88b3

nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: 884b0d35551a207191fabd6af7e6dd2a184496f15ed28f96c5a3a39a74427e35

nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: e85c44dd05fe2e25f600c94c22222020e3ff40d4acbe30d510e8d59298118891

nss-util-3.53.1-13.el8_2.i686.rpm

SHA-256: 9b0295bccf125c02235dd9bcfedbc222f495b76e54481b4904e81180b3e91518

nss-util-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 3449d83b2cfe0f1af4b0f5d8149a2ad9105351a7f7bc69767edf92201e29ea2f

nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: be762cca81af28759669a95ab24ffd133612f598ceb7f63109434c71afe7e25f

nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 863f4cd539747f044073af696100b32218804fe359fdb715fa666408d41d16cd

nss-util-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: c5e63a4cd2dfccbe26621444d178d65485bd5603b538b026d4daef581b52e8b9

nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 1fb5063de1561f86d958fc9362fb33b23d0910f02c2deb12ce6889a7a747bc82

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

nss-3.53.1-13.el8_2.src.rpm

SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed

ppc64le

nss-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 281c1ac0b4aa88a791dea386eba4381def5e2d2b882ff3f10367c3dc2aa6b561

nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 4667f8d76a22d43e7f28fd83ed51a4902e61aa369fb3301d9585d07e216aa0f2

nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: cb0161066d877ff64a809f0c71dc9541f5ae6cce1bf79dd9df5ff873beb1a40c

nss-devel-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 93f19f7e96949448b054b70f3920f8df6f3c43bd2b062116018e7b5b45b229ad

nss-softokn-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 55637cea2622cdbcfbdf9eb5216b551c2456dd195195498a24dbb81e9e8b1c03

nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 5455c6524fa9c448c179e32aaf6992674ee944607fd881a5ecb51ee74ec0e616

nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: b6b747a48d530887ae227339b4583fd5e012767528bf9769968d8d31974f2712

nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 6fce45f16077f55466da6a300eacb9e67daada237fc89b86c215b4c326297379

nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: afc54c63d2bd86ec2ee5b703c1425a932f32cc0dbcb4a6d5f83a5fa10d1b7cb7

nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 0eed791fc4402d705a5775d67805c01a3315e6b28047a38a07c14b443929d476

nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 7e2559cd54f2e73c8303606ea70baacb9afb69d222a76e479d655d632ba8e644

nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: e10fb191f4030211490d2b99358f04555ae1a2caa8148fdc9dd887fa8480d592

nss-tools-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 4913141423416bfb4dcf7890ebe6ca680d684ca67fcc9182189fc9e863c92e01

nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: cbc78889687fdc63694eed08caf921e393271d63dd7e2e86b95c3786cffa9749

nss-util-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 6468f52b8e322520ae708cf4c2a1cd0e222ece58b149aaa8bf47d6bf52edddf8

nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 1b4576163ef3dc8aa3ae0390b165abce48798e261f63e519b2be669cc981974e

nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm

SHA-256: 425417d90a608b915d02a8459747a546820e84d1f5a27cb95ad2b8aeac3bb85a

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

nss-3.53.1-13.el8_2.src.rpm

SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed

x86_64

nss-3.53.1-13.el8_2.i686.rpm

SHA-256: bfac84e058a23cb58fa355755f6c5e85b9048263e02890b76c8de3a26bccfbea

nss-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 30daab401b3a7aafa43d7702c4328f0ef30427d59d30698be2f6ce250cba31e8

nss-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: 4abf773d7e397d369511cc06f76ffd4262992fe41433492bc0295ba0812add46

nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: b12f9891746b928766a9f05193652d28ae1da1b35dcba8494af37331eb4307a3

nss-debugsource-3.53.1-13.el8_2.i686.rpm

SHA-256: bf22dd110bb2660df6a64ac9d8890f4e15513bbe9220e06ad81dff817a0bb6a0

nss-debugsource-3.53.1-13.el8_2.x86_64.rpm

SHA-256: f0add90cbcf2b11f13cd71ef0e7fcae794a76d7b91eaccc57c63a93102b023af

nss-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 01a26ce6c9471da9008f2c3a98b4e4bde77061a5c3671c62fae15c6f15537ef5

nss-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: e23566eada27790b3459cf44e2bce573edd49814a35c4924ab0c71c6f805a8c0

nss-softokn-3.53.1-13.el8_2.i686.rpm

SHA-256: 6d05b576f50acc40b4ee9ff44e703f017ced7559ce6f6a6eae4dcb49d1c94ad7

nss-softokn-3.53.1-13.el8_2.x86_64.rpm

SHA-256: adc3a6659fc99d3058d563d5b6f2546f5d0b5eeb38456876ccc9fe02626eb386

nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: a1214e4dbdf7d5d3d11fefb322497a5a592db10e4044b19442141e311ecc16bc

nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 4bceecf0dfe8b9ff11a79c1ff3cb3f39f7f204caf665067542322140a32716b9

nss-softokn-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 74d4229936243ab0a2b4156904d91a465953c9747abf52296928956b15440961

nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 47dc7ce9b2df39715453ab993046ebdf3899403b83f63858c863832cb0a17126

nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm

SHA-256: 3830a9d1882b6ef9cccbb91627de606a61cbe1b7e7e0c06fa52fe37aaf38f234

nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 83e9508043bef098477b71adf12f9365362c8c502204f109bc26e9d00bb2edef

nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: b2a9ae655ca4625c84095fbc45939efbe9e3f347a8e2be1288852883b022f7c5

nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 5aebf36a9897a9d64a527628ee08245c4ea157c594f156557d7369d01f60dd40

nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: 0f249369f1c6e7322d81741f8762ef0ba144bf2a15f53d33a6d36493690cb051

nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 6ac5bb7b98415084ac793f4b8071434320fb6b4598c2d9dbb81ca094a759a061

nss-sysinit-3.53.1-13.el8_2.x86_64.rpm

SHA-256: c91e699b9d5c690d60f955ef4ff9607655af042c718f2adfc3d9d74de4e1244a

nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: b52ff7b3360eae5985fefc69c9e4837b773fedefa23588c9b550ae37e1990daa

nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: f53f680cc079ed49f208d688739f9eef7a473b9ac0bd9e93c3f3387e85b9ffd2

nss-tools-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 01831029e73ec789322f322dbf7dc07235fd000846c7d151f4b3200fbf3f88b3

nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: 884b0d35551a207191fabd6af7e6dd2a184496f15ed28f96c5a3a39a74427e35

nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: e85c44dd05fe2e25f600c94c22222020e3ff40d4acbe30d510e8d59298118891

nss-util-3.53.1-13.el8_2.i686.rpm

SHA-256: 9b0295bccf125c02235dd9bcfedbc222f495b76e54481b4904e81180b3e91518

nss-util-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 3449d83b2cfe0f1af4b0f5d8149a2ad9105351a7f7bc69767edf92201e29ea2f

nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm

SHA-256: be762cca81af28759669a95ab24ffd133612f598ceb7f63109434c71afe7e25f

nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 863f4cd539747f044073af696100b32218804fe359fdb715fa666408d41d16cd

nss-util-devel-3.53.1-13.el8_2.i686.rpm

SHA-256: c5e63a4cd2dfccbe26621444d178d65485bd5603b538b026d4daef581b52e8b9

nss-util-devel-3.53.1-13.el8_2.x86_64.rpm

SHA-256: 1fb5063de1561f86d958fc9362fb33b23d0910f02c2deb12ce6889a7a747bc82

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

RHSA-2023:3455: Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0

OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...

RHSA-2023:2061: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1.6 security updates and bug fixes

Multicluster Engine for Kubernetes 2.1.6 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

Red Hat Security Advisory 2023-1677-01

Red Hat Security Advisory 2023-1677-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-1310-01

Red Hat Security Advisory 2023-1310-01 - An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate.

RHSA-2023:1392: Red Hat Security Advisory: OpenShift Container Platform 4.10.55 security update

Red Hat OpenShift Container Platform release 4.10.55 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-20329: A flaw was found in Mongo. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshaling Go objects into BSON. This flaw allows a malicious user to use a Go object with a specific string to inject additional fields into marshaled docume...

Ubuntu Security Notice USN-5943-1

Ubuntu Security Notice 5943-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Johan Carlsson discovered that Thunderbird did not properly implement CSP policy on a header when using iframes. An attacker could potentially exploits this to exfiltrate data.

Red Hat Security Advisory 2023-0821-01

Red Hat Security Advisory 2023-0821-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0810-01

Red Hat Security Advisory 2023-0810-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0807-01

Red Hat Security Advisory 2023-0807-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

RHSA-2023:0824: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0616: The Mozilla Foundation Security Advisory describes this flaw as: If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted mes...

RHSA-2023:0812: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Security-Policy-Report-Only`...

RHSA-2023:0808: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Security-Policy-Report-Only`...

RHSA-2023:0810: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Security-Policy-Report-Only`...

RHSA-2023:0805: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Se...

RHSA-2023:0806: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `...