AlmaLinux 2324 Published by

A nss security and bug fix update has been released for AlmaLinux 9.



ALSA-2023:1368 Important: nss security and bug fix update


Type:
security

Severity:
important

Release date:
2023-03-23

Description
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
Bug Fix(es):
* In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. (BZ#2177434)
* Need to update FIPS review comments into NSS AlmaLinux-9. (BZ#2177875)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
RHSA-2023:1368
CVE-2023-0767
ALSA-2023:1368

Updates packages:
nss-softokn-devel-3.79.0-17.el9_1.i686.rpm
nspr-4.34.0-17.el9_1.i686.rpm
nss-softokn-3.79.0-17.el9_1.i686.rpm
nss-3.79.0-17.el9_1.i686.rpm
nss-util-3.79.0-17.el9_1.i686.rpm
nss-softokn-freebl-devel-3.79.0-17.el9_1.i686.rpm
nspr-devel-4.34.0-17.el9_1.i686.rpm
nss-softokn-freebl-3.79.0-17.el9_1.i686.rpm
nss-devel-3.79.0-17.el9_1.i686.rpm
nss-util-devel-3.79.0-17.el9_1.i686.rpm
nss-tools-3.79.0-17.el9_1.x86_64.rpm
nss-util-devel-3.79.0-17.el9_1.x86_64.rpm
nss-softokn-freebl-devel-3.79.0-17.el9_1.x86_64.rpm
nss-devel-3.79.0-17.el9_1.x86_64.rpm
nss-sysinit-3.79.0-17.el9_1.x86_64.rpm
nss-util-3.79.0-17.el9_1.x86_64.rpm
nss-softokn-freebl-3.79.0-17.el9_1.x86_64.rpm
nspr-4.34.0-17.el9_1.x86_64.rpm
nspr-devel-4.34.0-17.el9_1.x86_64.rpm
nss-3.79.0-17.el9_1.x86_64.rpm
nss-softokn-devel-3.79.0-17.el9_1.x86_64.rpm
nss-softokn-3.79.0-17.el9_1.x86_64.rpm
nspr-4.34.0-17.el9_1.aarch64.rpm
nss-softokn-freebl-3.79.0-17.el9_1.aarch64.rpm
nss-softokn-freebl-devel-3.79.0-17.el9_1.aarch64.rpm
nss-util-devel-3.79.0-17.el9_1.aarch64.rpm
nspr-devel-4.34.0-17.el9_1.aarch64.rpm
nss-tools-3.79.0-17.el9_1.aarch64.rpm
nss-softokn-3.79.0-17.el9_1.aarch64.rpm
nss-devel-3.79.0-17.el9_1.aarch64.rpm
nss-softokn-devel-3.79.0-17.el9_1.aarch64.rpm
nss-3.79.0-17.el9_1.aarch64.rpm
nss-sysinit-3.79.0-17.el9_1.aarch64.rpm
nss-util-3.79.0-17.el9_1.aarch64.rpm
nss-softokn-freebl-devel-3.79.0-17.el9_1.ppc64le.rpm
nss-sysinit-3.79.0-17.el9_1.ppc64le.rpm
nspr-4.34.0-17.el9_1.ppc64le.rpm
nss-3.79.0-17.el9_1.ppc64le.rpm
nss-devel-3.79.0-17.el9_1.ppc64le.rpm
nss-softokn-freebl-3.79.0-17.el9_1.ppc64le.rpm
nss-tools-3.79.0-17.el9_1.ppc64le.rpm
nss-util-3.79.0-17.el9_1.ppc64le.rpm
nss-softokn-devel-3.79.0-17.el9_1.ppc64le.rpm
nss-softokn-3.79.0-17.el9_1.ppc64le.rpm
nss-util-devel-3.79.0-17.el9_1.ppc64le.rpm
nspr-devel-4.34.0-17.el9_1.ppc64le.rpm
nss-softokn-3.79.0-17.el9_1.s390x.rpm
nss-tools-3.79.0-17.el9_1.s390x.rpm
nspr-devel-4.34.0-17.el9_1.s390x.rpm
nss-devel-3.79.0-17.el9_1.s390x.rpm
nss-util-devel-3.79.0-17.el9_1.s390x.rpm
nss-softokn-devel-3.79.0-17.el9_1.s390x.rpm
nss-softokn-freebl-3.79.0-17.el9_1.s390x.rpm
nspr-4.34.0-17.el9_1.s390x.rpm
nss-3.79.0-17.el9_1.s390x.rpm
nss-sysinit-3.79.0-17.el9_1.s390x.rpm
nss-softokn-freebl-devel-3.79.0-17.el9_1.s390x.rpm
nss-util-3.79.0-17.el9_1.s390x.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:1368 Important: nss security and bug fix update