ELSA-2019-1951

ELSA-2019-1951 - nss and nspr security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2019-08-05

Description


nspr
[4.21.0-2]
- Rebuild

[4.21.0-1]
- Update to NSPR 4.21

nss
[3.44.0-7]
- Backport fixes from 3.44.1

[3.44.0-6]
- Add continuous RNG test required by FIPS
- fipstest: use CKM_TLS12_MASTER_KEY_DERIVE instead of vendor specific mechanism

[3.44.0-5]
- Rebuild with the correct build target

[3.44.0-4.1]
- rebuild to try to retrigger CI tests

[3.44.0-4]
- Fix certutil man page
- Fix extracting a public key from a private key for dh, ec, and dsa

[3.44.0-3]
- Disable TLS 1.3 under FIPS mode
- Disable RSASSA-PKCS1-v1_5 in TLS 1.3
- Fix post-handshake auth transcript calculation if
SSL_ENABLE_SESSION_TICKETS is set
- Revert the change to use XDG basedirs (mozilla#818686)

[3.44.0-2]
- Add ike mechanisms in softokn
- Add FIPS checks in softoken

[3.44.0-1]
- Update to NSS 3.44
- Define NSS_SEED_ONLY_DEV_URANDOM=1 to exclusively use getentropy
- Use %autosetup
- Clean up manual pages generation
- Clean up %check
- Remove prelink dependency, which is not available in RHEL-8
- Remove upstreamed patches


Related CVEs


CVE-2018-18508
CVE-2019-11719
CVE-2019-11727
CVE-2019-11729

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) nspr-4.21.0-2.el8_0.src.rpm0921ba5394978d53dd21d7dee248a0f8-
nss-3.44.0-7.el8_0.src.rpmc0867f1a99bb6e9bc5659512f7b85274-
nspr-4.21.0-2.el8_0.aarch64.rpm5bc8f961bb6c8a8b8f620c1565aa785d-
nspr-devel-4.21.0-2.el8_0.aarch64.rpmb9224a481f83c38e7764307e0b08aae7-
nss-3.44.0-7.el8_0.aarch64.rpm1e06c2395b6e475fe2d59a7f9f132d00-
nss-devel-3.44.0-7.el8_0.aarch64.rpm622b5fee55da0cffc063299a2db1154c-
nss-softokn-3.44.0-7.el8_0.aarch64.rpmba824efcac9ad0d1a299ac8b0481d1aa-
nss-softokn-devel-3.44.0-7.el8_0.aarch64.rpm24e7f8f4f303f6a535f38283fb146638-
nss-softokn-freebl-3.44.0-7.el8_0.aarch64.rpm9cf404a580112c5b212ffeafe67c8d18-
nss-softokn-freebl-devel-3.44.0-7.el8_0.aarch64.rpmb4af7ee5abf4f90cd407c2a85e920da4-
nss-sysinit-3.44.0-7.el8_0.aarch64.rpm7f19e94e1e7828c05dabca85afaea842-
nss-tools-3.44.0-7.el8_0.aarch64.rpm37dcc3c6b1b0277d913b4ed691d2af14-
nss-util-3.44.0-7.el8_0.aarch64.rpmed10d7d42e86b52b8fe5b498637820c8-
nss-util-devel-3.44.0-7.el8_0.aarch64.rpm828f54726ad522c3bdc24530f4992361-
Oracle Linux 8 (x86_64) nspr-4.21.0-2.el8_0.src.rpm0921ba5394978d53dd21d7dee248a0f8-
nss-3.44.0-7.el8_0.src.rpmc0867f1a99bb6e9bc5659512f7b85274-
nspr-4.21.0-2.el8_0.i686.rpm55ca446a7d77a4496bd9cad69126e8b4-
nspr-4.21.0-2.el8_0.x86_64.rpmdf60a19199df6d213ee8b429df293c78-
nspr-devel-4.21.0-2.el8_0.i686.rpm5ba549a6f2a4d317ee002efbe5ea7ffe-
nspr-devel-4.21.0-2.el8_0.x86_64.rpm491ec334abea6b0d73ab5cd3551a9f57-
nss-3.44.0-7.el8_0.i686.rpm198e6482350f970d7a4c7bc96041cb92-
nss-3.44.0-7.el8_0.x86_64.rpmdddc86761acec7a32f749e45f3669d62-
nss-devel-3.44.0-7.el8_0.i686.rpm947524aff0ac8aff0ee175ba9957f662-
nss-devel-3.44.0-7.el8_0.x86_64.rpmcbe89d38cafbef4303d6aa86eb964b94-
nss-softokn-3.44.0-7.el8_0.i686.rpm3cd3f47fbbbe9f26f8955fc9dccde2e8-
nss-softokn-3.44.0-7.el8_0.x86_64.rpm68ea17ca7befcddab079cf760707a59c-
nss-softokn-devel-3.44.0-7.el8_0.i686.rpm93a79f5688ca153cf542512af525f94b-
nss-softokn-devel-3.44.0-7.el8_0.x86_64.rpmb8bbffe9305ae941c94fbff5251f4e12-
nss-softokn-freebl-3.44.0-7.el8_0.i686.rpm2256c261acb4af4606d2959f5d06dcd3-
nss-softokn-freebl-3.44.0-7.el8_0.x86_64.rpme3112c35346833221563db557c1e8543-
nss-softokn-freebl-devel-3.44.0-7.el8_0.i686.rpm1ecf26d43219b04c5496b9ac6b583814-
nss-softokn-freebl-devel-3.44.0-7.el8_0.x86_64.rpma9d5d70299a0f6d6606798dc9a4db575-
nss-sysinit-3.44.0-7.el8_0.x86_64.rpmee893b2f0cb5773862349ef6d964df4f-
nss-tools-3.44.0-7.el8_0.x86_64.rpm3cf4fbd28e921f7ac67a1b15b16a76fb-
nss-util-3.44.0-7.el8_0.i686.rpm5e7c666310388b214e19f4314569738f-
nss-util-3.44.0-7.el8_0.x86_64.rpmc4700eb42adb38770b23e44f71910da0-
nss-util-devel-3.44.0-7.el8_0.i686.rpm4246bae7c20983928ac1762a82d0cd84-
nss-util-devel-3.44.0-7.el8_0.x86_64.rpm7c621db50e32178e8d1c7e7687e4aaae-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete