Red Hat Customer Portal

Skip to main content

Main Navigation

  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Troubleshoot a product issue
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
Red Hat Customer Portal
  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Troubleshoot a product issue
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Search
  • Log In
  • Language
Or troubleshoot an issue.

Log in to Your Red Hat Account

Log In

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

Register

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

  • Account Details
  • User Management
  • Account Maintenance
  • Account Team

Customer Portal

  • My Profile
  • Notifications
  • Help

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Log Out

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)
Red Hat Customer Portal Red Hat Customer Portal
  • Products & Services
  • Tools
  • Security
  • Community
  • Infrastructure and Management

  • Cloud Computing

  • Storage

  • Runtimes

  • Integration and Automation

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS
  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat Openshift Container Storage
  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio
  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
View All Products
  • Support
  • Production Support
  • Development Support
  • Product Life Cycles

Services

  • Consulting
  • Technical Account Management
  • Training & Certifications
  • Documentation
  • Red Hat Enterprise Linux
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Ecosystem Catalog
  • Red Hat in the Public Cloud
  • Partner Resources

Tools

  • Troubleshoot a product issue
  • Packages
  • Errata
  • Customer Portal Labs
  • Configuration
  • Deployment
  • Security
  • Troubleshooting

Red Hat Insights

Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

  • Learn more
  • Go to Insights

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Security Updates

  • Security Advisories
  • Red Hat CVE Database
  • Security Labs

Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

  • View Responses

Resources

  • Overview
  • Security Blog
  • Security Measurement
  • Severity Ratings
  • Backporting Policies
  • Product Signing (GPG) Keys

Customer Portal Community

  • Discussions
  • Blogs
  • Private Groups
  • Community Activity

Customer Events

  • Red Hat Convergence
  • Red Hat Summit

Stories

  • Red Hat Subscription Value
  • You Asked. We Acted.
  • Open Source Communities
Red Hat Product Errata RHSA-2020:0243 - Security Advisory
Issued:
2020-01-27
Updated:
2020-01-27

RHSA-2020:0243 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: nss security update

Type/Severity

Security Advisory: Important

Topic

An update for nss is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

  • nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.0 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.0 x86_64

Fixes

  • BZ - 1774831 - CVE-2019-11745 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

CVEs

  • CVE-2019-11745

References

  • https://access.redhat.com/security/updates/classification/#important
  • Note: More recent versions of these packages may be available. Click a package name for more details.

    Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.0

    SRPM
    nss-3.44.0-8.el8_0.src.rpm SHA-256: a1b134d4cf15b07a025bdfd26dba7bd61b459e42c6607381a898d43f7ebc2675
    ppc64le
    nss-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 387b909e8a0ea25d1b23293f3c49bda16a6e21554694a17f90abe04007a06636
    nss-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: ada90b78538e31f6e99fe7c39f6b91d87ca542256ccc2ea8b8665384e0a91cb6
    nss-debugsource-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 055daeb616fd192ca81f449e3be0b9161e2b0fa4631e98f59dc608bdf3e88904
    nss-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 102d2c5cda06247930e974121fdfa1a93aee0f686f2cb025b5726a1d5941b083
    nss-softokn-3.44.0-8.el8_0.ppc64le.rpm SHA-256: dafe97cefa080a65fdf72de9b714c97089085973fe8925873cff30a9ba301a91
    nss-softokn-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 8202fb1af71158f9c2916af24ebb52121a174111149287c62760aecd1032e990
    nss-softokn-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: b093df414c7dbf4d107d585483eef22f4ffbc621d609760f3c1ae049b16a4c36
    nss-softokn-freebl-3.44.0-8.el8_0.ppc64le.rpm SHA-256: a776d7d44b7112ea8ca744281985b4907ae90f79bf1010e2401ac8a03897dd20
    nss-softokn-freebl-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: c0d70b9701457da0b4510ea061e924f135cffb157fe630674073dfddb6285c9f
    nss-softokn-freebl-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 0f10532b65984cba62963fa7c4f78fab53fc11cd36f84e847e85516539edfc02
    nss-sysinit-3.44.0-8.el8_0.ppc64le.rpm SHA-256: e06e9befc90da575c86a648b1686f96da53f7ac1e4347499b833d3ffc3331af7
    nss-sysinit-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 58bd3e059ad3aa5fd30cbda1a4ff7dbc657bc08f572490e0ff83d20659483d65
    nss-tools-3.44.0-8.el8_0.ppc64le.rpm SHA-256: f34fa84d047ff9dd8b3cfc79cca36edba4895b0c3d2d791f6dab063b65f9b4ff
    nss-tools-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 5bd2977de447080f6644e58ecddf8ed39cddbb0259bd8a0c323e64ad8a3c9d2b
    nss-util-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 4cb5005323525abfd1fd8622e4e5e6d4316346d7a454c8f2be45a8f61efb335c
    nss-util-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 2f93bcca0cd79283c77ad19619a54de1edc94bc286f037820b56e4173c86698b
    nss-util-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 9180d25e2aa5cbf5ac5135ccf2ae48beafd63c85ba575446b935f094c2fac516

    Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.0

    SRPM
    nss-3.44.0-8.el8_0.src.rpm SHA-256: a1b134d4cf15b07a025bdfd26dba7bd61b459e42c6607381a898d43f7ebc2675
    x86_64
    nss-3.44.0-8.el8_0.i686.rpm SHA-256: a5bc8fb403502f845e079c98f58f178816575733364848e7ce31ec63aee340e3
    nss-3.44.0-8.el8_0.x86_64.rpm SHA-256: 7e8b0cd64764bbbb27ec57c22a81937673bf8d583e117007cbe4ac8938b84a51
    nss-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: e2d1c21eb3951c34bfbb668f953689f49742a59c9fc1015c4806d6586a649d59
    nss-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 2fc5a095939afa1f7655ab11535018f3f237a8c3c5f0bce0d5f9d5085864a524
    nss-debugsource-3.44.0-8.el8_0.i686.rpm SHA-256: 7c948f78f8c6a0fb924ed554e5d4e6ee2afb898ee45f25eae97a01c0e7f6bd21
    nss-debugsource-3.44.0-8.el8_0.x86_64.rpm SHA-256: 728b3c5af276455c3ec045c52dddcb1895341fbd97dbd25a10a5cd04ae865bb4
    nss-devel-3.44.0-8.el8_0.i686.rpm SHA-256: 10e2eb1ca4842c4b7ceefd5ba90b60bd1a910ea6c4de205496d4b3cdb7172260
    nss-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: c4e79604406724f2d184dfff576f1d7b124bcb4bfd826e90a5ba6f88ca38bc6a
    nss-softokn-3.44.0-8.el8_0.i686.rpm SHA-256: 155f022603fc2af72a9634529bfb39ffc44829ed6e86509784139842d34a1cb0
    nss-softokn-3.44.0-8.el8_0.x86_64.rpm SHA-256: ca3f6515ae25411d8e217cb528fd59d19ab32aa32b335d291b2500852368b0f0
    nss-softokn-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: c111d508dbf740b40a955fe6dbba7e28e5a0c4d407847993568af8d812e1f645
    nss-softokn-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 7c2aefa95ea77adca358bba21508b8c650f9825e6ff5dfeff068b7b7c6df8a47
    nss-softokn-devel-3.44.0-8.el8_0.i686.rpm SHA-256: e295c562d8608ee76bfc9af2c439251dbebe2a5110906675913a78d8fbaef923
    nss-softokn-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: 0ae86776ebb5a099bf87ca45cf7611259b1604003956311f4f7e44d6642818b7
    nss-softokn-freebl-3.44.0-8.el8_0.i686.rpm SHA-256: ab148eaed5a40343786cae8d556f746df8e4ff6ad42e7f5206f4ab8a4ef2acba
    nss-softokn-freebl-3.44.0-8.el8_0.x86_64.rpm SHA-256: 64b9f236c6419a8c41e3f1be4151b8270cb502186e92c17e1632321870056b12
    nss-softokn-freebl-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: 16c4679297dd1dc7c79b1d4d7c4d71589179583b8a67eba939dadf2d33a50365
    nss-softokn-freebl-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 4f43e48a66b1e1a321edaaef7516874883c17c3a48fd8409600a52a996985392
    nss-softokn-freebl-devel-3.44.0-8.el8_0.i686.rpm SHA-256: 16506f7d8041dd7fb55b1a79a672be007a9b8018fd5f2e19bb33617a6c12c28b
    nss-softokn-freebl-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: c1cbe93be8b6fde434889ecc9fc705464fabe6af25fbf4ff648d0e08f668a0ca
    nss-sysinit-3.44.0-8.el8_0.x86_64.rpm SHA-256: 78e5a202c4f1ee97566bab6972ec3714cd71cccf7d248557751101ce553f7b14
    nss-sysinit-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: b6ac3eee83ae7e4e171f9cb3fd9786e6bfc01250a0074c0e56cb8cfbecbde035
    nss-sysinit-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 556b79d8796053961ec15468d81d444bebd7d3cc9261c7fda80545b1ae6159e6
    nss-tools-3.44.0-8.el8_0.x86_64.rpm SHA-256: 433d20d75d5c10468eab0beafab43e7195805ccf29299a932b4f7bcfe96f1b96
    nss-tools-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: 1391558b2d8345057aaa0ba2a8215b3a30071ae1d5a773ea7217e6b64b70b898
    nss-tools-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 4fe2d7c92c60f446307e101665a95457724da51fa0c8ff74a5189cfb850073dc
    nss-util-3.44.0-8.el8_0.i686.rpm SHA-256: 88956f62440f74206d8e04078ebb958f0d8bfcfc4b8839e8273cd1940873010d
    nss-util-3.44.0-8.el8_0.x86_64.rpm SHA-256: 69b43f8ec71673bdeccd56be767ace540727188043808fab4f3fce47f97d243d
    nss-util-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: 080d7ac90503fad7d022c0eaaf9304ead9cb51ae7865570bcd875b77b00ccc09
    nss-util-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 106c3b10e137feca936fba84141742d910288de2555d557848ea87f14be6d2db
    nss-util-devel-3.44.0-8.el8_0.i686.rpm SHA-256: e7e4e01d781fab2ebb0070361bf20c267b1e1a7c89852e3229e041215c90b29a
    nss-util-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: 3d6a12240010e7f18c36226737148fc2bb4cd8a98a1cecea4475fcd1f9f77760

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

    Red Hat

    Quick Links

    • Downloads
    • Subscriptions
    • Support Cases
    • Customer Service
    • Product Documentation

    Help

    • Contact Us
    • Customer Portal FAQ
    • Log-in Assistance

    Site Info

    • Trust Red Hat
    • Browser Support Policy
    • Accessibility
    • Awards and Recognition
    • Colophon

    Related Sites

    • redhat.com
    • openshift.com
    • developers.redhat.com
    • connect.redhat.com
    • cloud.redhat.com

    About

    • Red Hat Subscription Value
    • About Red Hat
    • Red Hat Jobs
    Copyright © 2021 Red Hat, Inc.
    • Privacy Statement
    • Customer Portal Terms of Use
    • All Policies and Guidelines
    Red Hat Summit
    Twitter Facebook