Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2023:1366 - Security Advisory
Issued:
2023-03-21
Updated:
2023-03-21

RHSA-2023:1366 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: nss security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for nss is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

  • nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

  • BZ - 2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12

CVEs

  • CVE-2023-0767

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
nss-3.44.0-13.el6_10.src.rpm SHA-256: 2233aded7fcf6911318215c3cc669f8c9cf26740e90ca5be765a2d897a7c0d01
x86_64
nss-3.44.0-13.el6_10.i686.rpm SHA-256: bde230e8bbbf7a36fdc5e27a40553bba7845ba7d74623c6edfa341b97105ab1b
nss-3.44.0-13.el6_10.x86_64.rpm SHA-256: 42cbf1f4dcf0f2dca7d6b80fdbf7ccb0613eb064fd067061aa715e0eac03d086
nss-debuginfo-3.44.0-13.el6_10.i686.rpm SHA-256: 2bf686a88109b52a02b330f11d22424f2a8ae2c6011b103ecd38c3cc479995dd
nss-debuginfo-3.44.0-13.el6_10.i686.rpm SHA-256: 2bf686a88109b52a02b330f11d22424f2a8ae2c6011b103ecd38c3cc479995dd
nss-debuginfo-3.44.0-13.el6_10.x86_64.rpm SHA-256: 93d3ecf68807d1fcd5df00b1c7cb3030e2e642cbb1e8ff1e3f408f982e6fd784
nss-debuginfo-3.44.0-13.el6_10.x86_64.rpm SHA-256: 93d3ecf68807d1fcd5df00b1c7cb3030e2e642cbb1e8ff1e3f408f982e6fd784
nss-devel-3.44.0-13.el6_10.i686.rpm SHA-256: f524729e387eb3ca77fc80b6ce887e031bef031038b529f71ce3dc117c5cedc0
nss-devel-3.44.0-13.el6_10.x86_64.rpm SHA-256: f6f1eef1f680d887e5ebabcdbffc93dd6748b2a7615c1521bbe2680bd0a48513
nss-pkcs11-devel-3.44.0-13.el6_10.i686.rpm SHA-256: 320ceb5245add477ad08db44321f3d8c70e29c7ad19f235e8cfb0885ad6d9349
nss-pkcs11-devel-3.44.0-13.el6_10.x86_64.rpm SHA-256: ea0e454730b84b02f5c5bdb76f776f47552bf52eb7f51ebb3457986c5fcedda7
nss-sysinit-3.44.0-13.el6_10.x86_64.rpm SHA-256: 316184c06cd100f4a1842a501ac901f94d09058fdae05ee1189653dc3079f70b
nss-tools-3.44.0-13.el6_10.x86_64.rpm SHA-256: 22dea0a9fd47bb41e480a733834751bbfdb0266d5d73524ed26398b379d09d90
i386
nss-3.44.0-13.el6_10.i686.rpm SHA-256: bde230e8bbbf7a36fdc5e27a40553bba7845ba7d74623c6edfa341b97105ab1b
nss-debuginfo-3.44.0-13.el6_10.i686.rpm SHA-256: 2bf686a88109b52a02b330f11d22424f2a8ae2c6011b103ecd38c3cc479995dd
nss-debuginfo-3.44.0-13.el6_10.i686.rpm SHA-256: 2bf686a88109b52a02b330f11d22424f2a8ae2c6011b103ecd38c3cc479995dd
nss-devel-3.44.0-13.el6_10.i686.rpm SHA-256: f524729e387eb3ca77fc80b6ce887e031bef031038b529f71ce3dc117c5cedc0
nss-pkcs11-devel-3.44.0-13.el6_10.i686.rpm SHA-256: 320ceb5245add477ad08db44321f3d8c70e29c7ad19f235e8cfb0885ad6d9349
nss-sysinit-3.44.0-13.el6_10.i686.rpm SHA-256: c76ddfc5f230a2c5d6223442dc0434c7881006189def7f072e1fde4195a832dc
nss-tools-3.44.0-13.el6_10.i686.rpm SHA-256: 7fbeeffb33c5a25bd798b774e581886d630f89738d62271b3209fab96ef01143

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
nss-3.44.0-13.el6_10.src.rpm SHA-256: 2233aded7fcf6911318215c3cc669f8c9cf26740e90ca5be765a2d897a7c0d01
s390x
nss-3.44.0-13.el6_10.s390.rpm SHA-256: d6dd5f8cbd5f62f67e9c2138c9cb2228ea47f452351cc2412678d4048810082d
nss-3.44.0-13.el6_10.s390x.rpm SHA-256: 7860e5b563d05ca19a89a537d5456bafb567e5ce805edb5bface3f7a72eae15a
nss-debuginfo-3.44.0-13.el6_10.s390.rpm SHA-256: 39570052f79bff987f0adc217acdf28053295c7d76f3c18c893cded1a308bfe2
nss-debuginfo-3.44.0-13.el6_10.s390.rpm SHA-256: 39570052f79bff987f0adc217acdf28053295c7d76f3c18c893cded1a308bfe2
nss-debuginfo-3.44.0-13.el6_10.s390x.rpm SHA-256: 6742d863d4694c5c3e6335c821c7efcbcf91c8fa89be3635a9e2e04124385c03
nss-debuginfo-3.44.0-13.el6_10.s390x.rpm SHA-256: 6742d863d4694c5c3e6335c821c7efcbcf91c8fa89be3635a9e2e04124385c03
nss-devel-3.44.0-13.el6_10.s390.rpm SHA-256: c477658d9a13731f3e8ca3f464524ab84b089bb4f5136855f202addd3817c858
nss-devel-3.44.0-13.el6_10.s390x.rpm SHA-256: c30adc9be0a65c43a3f904e229916e9a243638f8f17282a768d4ca2b3c7b8cbe
nss-pkcs11-devel-3.44.0-13.el6_10.s390.rpm SHA-256: 4f3deeee5a06634758decaf9156ed3538843d408965d2b9e28ae9bd31ee817c9
nss-pkcs11-devel-3.44.0-13.el6_10.s390x.rpm SHA-256: adff3aba752004a7cd900226b093d7a61072d7f1169c74eb9277ea3fad0f3ede
nss-sysinit-3.44.0-13.el6_10.s390x.rpm SHA-256: 08dd36aebe022031ffcfec65825400b230c808f20c711cbc92a1b0a53d15cfba
nss-tools-3.44.0-13.el6_10.s390x.rpm SHA-256: 57ccbffbd8a636f2afef24567afed380418aea3ce578a9f14e31a7f13a283390

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our <a href='http://www.redhat.com/en/about/privacy-policy' class='privacy-policy'>Privacy Statement</a> effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter