Issued:
2020-01-27
Updated:
2020-01-27

RHSA-2020:0243 - Security Advisory

Synopsis

Important: nss security update

Type/Severity

Security Advisory: Important

Topic

An update for nss is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

  • nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.0 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.0 x86_64

Fixes

  • BZ - 1774831 - CVE-2019-11745 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.0

SRPM
nss-3.44.0-8.el8_0.src.rpm SHA-256: a1b134d4cf15b07a025bdfd26dba7bd61b459e42c6607381a898d43f7ebc2675
ppc64le
nss-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 387b909e8a0ea25d1b23293f3c49bda16a6e21554694a17f90abe04007a06636
nss-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: ada90b78538e31f6e99fe7c39f6b91d87ca542256ccc2ea8b8665384e0a91cb6
nss-debugsource-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 055daeb616fd192ca81f449e3be0b9161e2b0fa4631e98f59dc608bdf3e88904
nss-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 102d2c5cda06247930e974121fdfa1a93aee0f686f2cb025b5726a1d5941b083
nss-softokn-3.44.0-8.el8_0.ppc64le.rpm SHA-256: dafe97cefa080a65fdf72de9b714c97089085973fe8925873cff30a9ba301a91
nss-softokn-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 8202fb1af71158f9c2916af24ebb52121a174111149287c62760aecd1032e990
nss-softokn-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: b093df414c7dbf4d107d585483eef22f4ffbc621d609760f3c1ae049b16a4c36
nss-softokn-freebl-3.44.0-8.el8_0.ppc64le.rpm SHA-256: a776d7d44b7112ea8ca744281985b4907ae90f79bf1010e2401ac8a03897dd20
nss-softokn-freebl-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: c0d70b9701457da0b4510ea061e924f135cffb157fe630674073dfddb6285c9f
nss-softokn-freebl-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 0f10532b65984cba62963fa7c4f78fab53fc11cd36f84e847e85516539edfc02
nss-sysinit-3.44.0-8.el8_0.ppc64le.rpm SHA-256: e06e9befc90da575c86a648b1686f96da53f7ac1e4347499b833d3ffc3331af7
nss-sysinit-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 58bd3e059ad3aa5fd30cbda1a4ff7dbc657bc08f572490e0ff83d20659483d65
nss-tools-3.44.0-8.el8_0.ppc64le.rpm SHA-256: f34fa84d047ff9dd8b3cfc79cca36edba4895b0c3d2d791f6dab063b65f9b4ff
nss-tools-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 5bd2977de447080f6644e58ecddf8ed39cddbb0259bd8a0c323e64ad8a3c9d2b
nss-util-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 4cb5005323525abfd1fd8622e4e5e6d4316346d7a454c8f2be45a8f61efb335c
nss-util-debuginfo-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 2f93bcca0cd79283c77ad19619a54de1edc94bc286f037820b56e4173c86698b
nss-util-devel-3.44.0-8.el8_0.ppc64le.rpm SHA-256: 9180d25e2aa5cbf5ac5135ccf2ae48beafd63c85ba575446b935f094c2fac516

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.0

SRPM
nss-3.44.0-8.el8_0.src.rpm SHA-256: a1b134d4cf15b07a025bdfd26dba7bd61b459e42c6607381a898d43f7ebc2675
x86_64
nss-3.44.0-8.el8_0.i686.rpm SHA-256: a5bc8fb403502f845e079c98f58f178816575733364848e7ce31ec63aee340e3
nss-3.44.0-8.el8_0.x86_64.rpm SHA-256: 7e8b0cd64764bbbb27ec57c22a81937673bf8d583e117007cbe4ac8938b84a51
nss-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: e2d1c21eb3951c34bfbb668f953689f49742a59c9fc1015c4806d6586a649d59
nss-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 2fc5a095939afa1f7655ab11535018f3f237a8c3c5f0bce0d5f9d5085864a524
nss-debugsource-3.44.0-8.el8_0.i686.rpm SHA-256: 7c948f78f8c6a0fb924ed554e5d4e6ee2afb898ee45f25eae97a01c0e7f6bd21
nss-debugsource-3.44.0-8.el8_0.x86_64.rpm SHA-256: 728b3c5af276455c3ec045c52dddcb1895341fbd97dbd25a10a5cd04ae865bb4
nss-devel-3.44.0-8.el8_0.i686.rpm SHA-256: 10e2eb1ca4842c4b7ceefd5ba90b60bd1a910ea6c4de205496d4b3cdb7172260
nss-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: c4e79604406724f2d184dfff576f1d7b124bcb4bfd826e90a5ba6f88ca38bc6a
nss-softokn-3.44.0-8.el8_0.i686.rpm SHA-256: 155f022603fc2af72a9634529bfb39ffc44829ed6e86509784139842d34a1cb0
nss-softokn-3.44.0-8.el8_0.x86_64.rpm SHA-256: ca3f6515ae25411d8e217cb528fd59d19ab32aa32b335d291b2500852368b0f0
nss-softokn-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: c111d508dbf740b40a955fe6dbba7e28e5a0c4d407847993568af8d812e1f645
nss-softokn-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 7c2aefa95ea77adca358bba21508b8c650f9825e6ff5dfeff068b7b7c6df8a47
nss-softokn-devel-3.44.0-8.el8_0.i686.rpm SHA-256: e295c562d8608ee76bfc9af2c439251dbebe2a5110906675913a78d8fbaef923
nss-softokn-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: 0ae86776ebb5a099bf87ca45cf7611259b1604003956311f4f7e44d6642818b7
nss-softokn-freebl-3.44.0-8.el8_0.i686.rpm SHA-256: ab148eaed5a40343786cae8d556f746df8e4ff6ad42e7f5206f4ab8a4ef2acba
nss-softokn-freebl-3.44.0-8.el8_0.x86_64.rpm SHA-256: 64b9f236c6419a8c41e3f1be4151b8270cb502186e92c17e1632321870056b12
nss-softokn-freebl-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: 16c4679297dd1dc7c79b1d4d7c4d71589179583b8a67eba939dadf2d33a50365
nss-softokn-freebl-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 4f43e48a66b1e1a321edaaef7516874883c17c3a48fd8409600a52a996985392
nss-softokn-freebl-devel-3.44.0-8.el8_0.i686.rpm SHA-256: 16506f7d8041dd7fb55b1a79a672be007a9b8018fd5f2e19bb33617a6c12c28b
nss-softokn-freebl-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: c1cbe93be8b6fde434889ecc9fc705464fabe6af25fbf4ff648d0e08f668a0ca
nss-sysinit-3.44.0-8.el8_0.x86_64.rpm SHA-256: 78e5a202c4f1ee97566bab6972ec3714cd71cccf7d248557751101ce553f7b14
nss-sysinit-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: b6ac3eee83ae7e4e171f9cb3fd9786e6bfc01250a0074c0e56cb8cfbecbde035
nss-sysinit-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 556b79d8796053961ec15468d81d444bebd7d3cc9261c7fda80545b1ae6159e6
nss-tools-3.44.0-8.el8_0.x86_64.rpm SHA-256: 433d20d75d5c10468eab0beafab43e7195805ccf29299a932b4f7bcfe96f1b96
nss-tools-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: 1391558b2d8345057aaa0ba2a8215b3a30071ae1d5a773ea7217e6b64b70b898
nss-tools-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 4fe2d7c92c60f446307e101665a95457724da51fa0c8ff74a5189cfb850073dc
nss-util-3.44.0-8.el8_0.i686.rpm SHA-256: 88956f62440f74206d8e04078ebb958f0d8bfcfc4b8839e8273cd1940873010d
nss-util-3.44.0-8.el8_0.x86_64.rpm SHA-256: 69b43f8ec71673bdeccd56be767ace540727188043808fab4f3fce47f97d243d
nss-util-debuginfo-3.44.0-8.el8_0.i686.rpm SHA-256: 080d7ac90503fad7d022c0eaaf9304ead9cb51ae7865570bcd875b77b00ccc09
nss-util-debuginfo-3.44.0-8.el8_0.x86_64.rpm SHA-256: 106c3b10e137feca936fba84141742d910288de2555d557848ea87f14be6d2db
nss-util-devel-3.44.0-8.el8_0.i686.rpm SHA-256: e7e4e01d781fab2ebb0070361bf20c267b1e1a7c89852e3229e041215c90b29a
nss-util-devel-3.44.0-8.el8_0.x86_64.rpm SHA-256: 3d6a12240010e7f18c36226737148fc2bb4cd8a98a1cecea4475fcd1f9f77760

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.