Headline
RHSA-2023:1406: Red Hat Security Advisory: nss security update
An update for nss is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.
Issued:
2023-03-22
Updated:
2023-03-22
RHSA-2023:1406 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: nss security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for nss is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
- nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
nss-3.53.1-13.el8_2.src.rpm
SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed
x86_64
nss-3.53.1-13.el8_2.i686.rpm
SHA-256: bfac84e058a23cb58fa355755f6c5e85b9048263e02890b76c8de3a26bccfbea
nss-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 30daab401b3a7aafa43d7702c4328f0ef30427d59d30698be2f6ce250cba31e8
nss-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: 4abf773d7e397d369511cc06f76ffd4262992fe41433492bc0295ba0812add46
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: b12f9891746b928766a9f05193652d28ae1da1b35dcba8494af37331eb4307a3
nss-debugsource-3.53.1-13.el8_2.i686.rpm
SHA-256: bf22dd110bb2660df6a64ac9d8890f4e15513bbe9220e06ad81dff817a0bb6a0
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm
SHA-256: f0add90cbcf2b11f13cd71ef0e7fcae794a76d7b91eaccc57c63a93102b023af
nss-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 01a26ce6c9471da9008f2c3a98b4e4bde77061a5c3671c62fae15c6f15537ef5
nss-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: e23566eada27790b3459cf44e2bce573edd49814a35c4924ab0c71c6f805a8c0
nss-softokn-3.53.1-13.el8_2.i686.rpm
SHA-256: 6d05b576f50acc40b4ee9ff44e703f017ced7559ce6f6a6eae4dcb49d1c94ad7
nss-softokn-3.53.1-13.el8_2.x86_64.rpm
SHA-256: adc3a6659fc99d3058d563d5b6f2546f5d0b5eeb38456876ccc9fe02626eb386
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: a1214e4dbdf7d5d3d11fefb322497a5a592db10e4044b19442141e311ecc16bc
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 4bceecf0dfe8b9ff11a79c1ff3cb3f39f7f204caf665067542322140a32716b9
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 74d4229936243ab0a2b4156904d91a465953c9747abf52296928956b15440961
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 47dc7ce9b2df39715453ab993046ebdf3899403b83f63858c863832cb0a17126
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm
SHA-256: 3830a9d1882b6ef9cccbb91627de606a61cbe1b7e7e0c06fa52fe37aaf38f234
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 83e9508043bef098477b71adf12f9365362c8c502204f109bc26e9d00bb2edef
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: b2a9ae655ca4625c84095fbc45939efbe9e3f347a8e2be1288852883b022f7c5
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 5aebf36a9897a9d64a527628ee08245c4ea157c594f156557d7369d01f60dd40
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 0f249369f1c6e7322d81741f8762ef0ba144bf2a15f53d33a6d36493690cb051
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 6ac5bb7b98415084ac793f4b8071434320fb6b4598c2d9dbb81ca094a759a061
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm
SHA-256: c91e699b9d5c690d60f955ef4ff9607655af042c718f2adfc3d9d74de4e1244a
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: b52ff7b3360eae5985fefc69c9e4837b773fedefa23588c9b550ae37e1990daa
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: f53f680cc079ed49f208d688739f9eef7a473b9ac0bd9e93c3f3387e85b9ffd2
nss-tools-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 01831029e73ec789322f322dbf7dc07235fd000846c7d151f4b3200fbf3f88b3
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: 884b0d35551a207191fabd6af7e6dd2a184496f15ed28f96c5a3a39a74427e35
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: e85c44dd05fe2e25f600c94c22222020e3ff40d4acbe30d510e8d59298118891
nss-util-3.53.1-13.el8_2.i686.rpm
SHA-256: 9b0295bccf125c02235dd9bcfedbc222f495b76e54481b4904e81180b3e91518
nss-util-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 3449d83b2cfe0f1af4b0f5d8149a2ad9105351a7f7bc69767edf92201e29ea2f
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: be762cca81af28759669a95ab24ffd133612f598ceb7f63109434c71afe7e25f
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 863f4cd539747f044073af696100b32218804fe359fdb715fa666408d41d16cd
nss-util-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: c5e63a4cd2dfccbe26621444d178d65485bd5603b538b026d4daef581b52e8b9
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 1fb5063de1561f86d958fc9362fb33b23d0910f02c2deb12ce6889a7a747bc82
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
nss-3.53.1-13.el8_2.src.rpm
SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed
x86_64
nss-3.53.1-13.el8_2.i686.rpm
SHA-256: bfac84e058a23cb58fa355755f6c5e85b9048263e02890b76c8de3a26bccfbea
nss-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 30daab401b3a7aafa43d7702c4328f0ef30427d59d30698be2f6ce250cba31e8
nss-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: 4abf773d7e397d369511cc06f76ffd4262992fe41433492bc0295ba0812add46
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: b12f9891746b928766a9f05193652d28ae1da1b35dcba8494af37331eb4307a3
nss-debugsource-3.53.1-13.el8_2.i686.rpm
SHA-256: bf22dd110bb2660df6a64ac9d8890f4e15513bbe9220e06ad81dff817a0bb6a0
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm
SHA-256: f0add90cbcf2b11f13cd71ef0e7fcae794a76d7b91eaccc57c63a93102b023af
nss-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 01a26ce6c9471da9008f2c3a98b4e4bde77061a5c3671c62fae15c6f15537ef5
nss-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: e23566eada27790b3459cf44e2bce573edd49814a35c4924ab0c71c6f805a8c0
nss-softokn-3.53.1-13.el8_2.i686.rpm
SHA-256: 6d05b576f50acc40b4ee9ff44e703f017ced7559ce6f6a6eae4dcb49d1c94ad7
nss-softokn-3.53.1-13.el8_2.x86_64.rpm
SHA-256: adc3a6659fc99d3058d563d5b6f2546f5d0b5eeb38456876ccc9fe02626eb386
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: a1214e4dbdf7d5d3d11fefb322497a5a592db10e4044b19442141e311ecc16bc
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 4bceecf0dfe8b9ff11a79c1ff3cb3f39f7f204caf665067542322140a32716b9
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 74d4229936243ab0a2b4156904d91a465953c9747abf52296928956b15440961
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 47dc7ce9b2df39715453ab993046ebdf3899403b83f63858c863832cb0a17126
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm
SHA-256: 3830a9d1882b6ef9cccbb91627de606a61cbe1b7e7e0c06fa52fe37aaf38f234
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 83e9508043bef098477b71adf12f9365362c8c502204f109bc26e9d00bb2edef
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: b2a9ae655ca4625c84095fbc45939efbe9e3f347a8e2be1288852883b022f7c5
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 5aebf36a9897a9d64a527628ee08245c4ea157c594f156557d7369d01f60dd40
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 0f249369f1c6e7322d81741f8762ef0ba144bf2a15f53d33a6d36493690cb051
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 6ac5bb7b98415084ac793f4b8071434320fb6b4598c2d9dbb81ca094a759a061
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm
SHA-256: c91e699b9d5c690d60f955ef4ff9607655af042c718f2adfc3d9d74de4e1244a
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: b52ff7b3360eae5985fefc69c9e4837b773fedefa23588c9b550ae37e1990daa
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: f53f680cc079ed49f208d688739f9eef7a473b9ac0bd9e93c3f3387e85b9ffd2
nss-tools-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 01831029e73ec789322f322dbf7dc07235fd000846c7d151f4b3200fbf3f88b3
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: 884b0d35551a207191fabd6af7e6dd2a184496f15ed28f96c5a3a39a74427e35
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: e85c44dd05fe2e25f600c94c22222020e3ff40d4acbe30d510e8d59298118891
nss-util-3.53.1-13.el8_2.i686.rpm
SHA-256: 9b0295bccf125c02235dd9bcfedbc222f495b76e54481b4904e81180b3e91518
nss-util-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 3449d83b2cfe0f1af4b0f5d8149a2ad9105351a7f7bc69767edf92201e29ea2f
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: be762cca81af28759669a95ab24ffd133612f598ceb7f63109434c71afe7e25f
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 863f4cd539747f044073af696100b32218804fe359fdb715fa666408d41d16cd
nss-util-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: c5e63a4cd2dfccbe26621444d178d65485bd5603b538b026d4daef581b52e8b9
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 1fb5063de1561f86d958fc9362fb33b23d0910f02c2deb12ce6889a7a747bc82
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
nss-3.53.1-13.el8_2.src.rpm
SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed
ppc64le
nss-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 281c1ac0b4aa88a791dea386eba4381def5e2d2b882ff3f10367c3dc2aa6b561
nss-debuginfo-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 4667f8d76a22d43e7f28fd83ed51a4902e61aa369fb3301d9585d07e216aa0f2
nss-debugsource-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: cb0161066d877ff64a809f0c71dc9541f5ae6cce1bf79dd9df5ff873beb1a40c
nss-devel-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 93f19f7e96949448b054b70f3920f8df6f3c43bd2b062116018e7b5b45b229ad
nss-softokn-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 55637cea2622cdbcfbdf9eb5216b551c2456dd195195498a24dbb81e9e8b1c03
nss-softokn-debuginfo-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 5455c6524fa9c448c179e32aaf6992674ee944607fd881a5ecb51ee74ec0e616
nss-softokn-devel-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: b6b747a48d530887ae227339b4583fd5e012767528bf9769968d8d31974f2712
nss-softokn-freebl-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 6fce45f16077f55466da6a300eacb9e67daada237fc89b86c215b4c326297379
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: afc54c63d2bd86ec2ee5b703c1425a932f32cc0dbcb4a6d5f83a5fa10d1b7cb7
nss-softokn-freebl-devel-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 0eed791fc4402d705a5775d67805c01a3315e6b28047a38a07c14b443929d476
nss-sysinit-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 7e2559cd54f2e73c8303606ea70baacb9afb69d222a76e479d655d632ba8e644
nss-sysinit-debuginfo-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: e10fb191f4030211490d2b99358f04555ae1a2caa8148fdc9dd887fa8480d592
nss-tools-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 4913141423416bfb4dcf7890ebe6ca680d684ca67fcc9182189fc9e863c92e01
nss-tools-debuginfo-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: cbc78889687fdc63694eed08caf921e393271d63dd7e2e86b95c3786cffa9749
nss-util-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 6468f52b8e322520ae708cf4c2a1cd0e222ece58b149aaa8bf47d6bf52edddf8
nss-util-debuginfo-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 1b4576163ef3dc8aa3ae0390b165abce48798e261f63e519b2be669cc981974e
nss-util-devel-3.53.1-13.el8_2.ppc64le.rpm
SHA-256: 425417d90a608b915d02a8459747a546820e84d1f5a27cb95ad2b8aeac3bb85a
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
nss-3.53.1-13.el8_2.src.rpm
SHA-256: 7349a4b8c0ed1f82fdbb777e5dc04e8a21de307e5c873eeecc429812ef2346ed
x86_64
nss-3.53.1-13.el8_2.i686.rpm
SHA-256: bfac84e058a23cb58fa355755f6c5e85b9048263e02890b76c8de3a26bccfbea
nss-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 30daab401b3a7aafa43d7702c4328f0ef30427d59d30698be2f6ce250cba31e8
nss-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: 4abf773d7e397d369511cc06f76ffd4262992fe41433492bc0295ba0812add46
nss-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: b12f9891746b928766a9f05193652d28ae1da1b35dcba8494af37331eb4307a3
nss-debugsource-3.53.1-13.el8_2.i686.rpm
SHA-256: bf22dd110bb2660df6a64ac9d8890f4e15513bbe9220e06ad81dff817a0bb6a0
nss-debugsource-3.53.1-13.el8_2.x86_64.rpm
SHA-256: f0add90cbcf2b11f13cd71ef0e7fcae794a76d7b91eaccc57c63a93102b023af
nss-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 01a26ce6c9471da9008f2c3a98b4e4bde77061a5c3671c62fae15c6f15537ef5
nss-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: e23566eada27790b3459cf44e2bce573edd49814a35c4924ab0c71c6f805a8c0
nss-softokn-3.53.1-13.el8_2.i686.rpm
SHA-256: 6d05b576f50acc40b4ee9ff44e703f017ced7559ce6f6a6eae4dcb49d1c94ad7
nss-softokn-3.53.1-13.el8_2.x86_64.rpm
SHA-256: adc3a6659fc99d3058d563d5b6f2546f5d0b5eeb38456876ccc9fe02626eb386
nss-softokn-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: a1214e4dbdf7d5d3d11fefb322497a5a592db10e4044b19442141e311ecc16bc
nss-softokn-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 4bceecf0dfe8b9ff11a79c1ff3cb3f39f7f204caf665067542322140a32716b9
nss-softokn-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 74d4229936243ab0a2b4156904d91a465953c9747abf52296928956b15440961
nss-softokn-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 47dc7ce9b2df39715453ab993046ebdf3899403b83f63858c863832cb0a17126
nss-softokn-freebl-3.53.1-13.el8_2.i686.rpm
SHA-256: 3830a9d1882b6ef9cccbb91627de606a61cbe1b7e7e0c06fa52fe37aaf38f234
nss-softokn-freebl-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 83e9508043bef098477b71adf12f9365362c8c502204f109bc26e9d00bb2edef
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: b2a9ae655ca4625c84095fbc45939efbe9e3f347a8e2be1288852883b022f7c5
nss-softokn-freebl-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 5aebf36a9897a9d64a527628ee08245c4ea157c594f156557d7369d01f60dd40
nss-softokn-freebl-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: 0f249369f1c6e7322d81741f8762ef0ba144bf2a15f53d33a6d36493690cb051
nss-softokn-freebl-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 6ac5bb7b98415084ac793f4b8071434320fb6b4598c2d9dbb81ca094a759a061
nss-sysinit-3.53.1-13.el8_2.x86_64.rpm
SHA-256: c91e699b9d5c690d60f955ef4ff9607655af042c718f2adfc3d9d74de4e1244a
nss-sysinit-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: b52ff7b3360eae5985fefc69c9e4837b773fedefa23588c9b550ae37e1990daa
nss-sysinit-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: f53f680cc079ed49f208d688739f9eef7a473b9ac0bd9e93c3f3387e85b9ffd2
nss-tools-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 01831029e73ec789322f322dbf7dc07235fd000846c7d151f4b3200fbf3f88b3
nss-tools-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: 884b0d35551a207191fabd6af7e6dd2a184496f15ed28f96c5a3a39a74427e35
nss-tools-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: e85c44dd05fe2e25f600c94c22222020e3ff40d4acbe30d510e8d59298118891
nss-util-3.53.1-13.el8_2.i686.rpm
SHA-256: 9b0295bccf125c02235dd9bcfedbc222f495b76e54481b4904e81180b3e91518
nss-util-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 3449d83b2cfe0f1af4b0f5d8149a2ad9105351a7f7bc69767edf92201e29ea2f
nss-util-debuginfo-3.53.1-13.el8_2.i686.rpm
SHA-256: be762cca81af28759669a95ab24ffd133612f598ceb7f63109434c71afe7e25f
nss-util-debuginfo-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 863f4cd539747f044073af696100b32218804fe359fdb715fa666408d41d16cd
nss-util-devel-3.53.1-13.el8_2.i686.rpm
SHA-256: c5e63a4cd2dfccbe26621444d178d65485bd5603b538b026d4daef581b52e8b9
nss-util-devel-3.53.1-13.el8_2.x86_64.rpm
SHA-256: 1fb5063de1561f86d958fc9362fb33b23d0910f02c2deb12ce6889a7a747bc82
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
OpenShift Serverless version 1.29.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker ...
Multicluster Engine for Kubernetes 2.1.6 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
Red Hat Security Advisory 2023-1677-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include heap overflow and integer overflow vulnerabilities.
Red Hat Security Advisory 2023-1310-01 - An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate.
Red Hat OpenShift Container Platform release 4.10.55 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-20329: A flaw was found in Mongo. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshaling Go objects into BSON. This flaw allows a malicious user to use a Go object with a specific string to inject additional fields into marshaled docume...
Ubuntu Security Notice 5943-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Johan Carlsson discovered that Thunderbird did not properly implement CSP policy on a header when using iframes. An attacker could potentially exploits this to exfiltrate data.
Red Hat Security Advisory 2023-0821-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0810-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-0807-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.
An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0616: The Mozilla Foundation Security Advisory describes this flaw as: If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted mes...
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Security-Policy-Report-Only`...
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Security-Policy-Report-Only`...
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Security-Policy-Report-Only`...
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `Content-Se...
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0767: The Mozilla Foundation Security Advisory describes this flaw as: An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. * CVE-2023-25728: The Mozilla Foundation Security Advisory describes this flaw as: The `...