Oracle Errata SystemOracle Linux5.32021-09-09T12:48:57
ELSA-2020-4076: nss and nspr security, bug fix, and enhancement update (MODERATE)
Oracle Linux 7
nspr
[4.25.0-2]
- Rebuild to fix wrong dist tag
[4.25.0-1]
- Rebase to NSPR 4.25
nss
[3.53.1-3]
- Disable dh timing test because it's unreliable on s390 (from Bob Relyea)
- Explicitly enable upgradedb/sharedb test cycles
[3.53.1-2]
- Disable TLS 1.3 by default
[3.53.1-1]
- Rebase to NSS 3.53.1
[3.44.0-8]
- Increase timeout on ssl_gtest so that slow platforms can complete when
running on a busy system.
nss-softokn
[3.53.1-6.0.1]
- Add fips140-2 DSA Known Answer Test fix [Orabug: 26679337]
- Add fips140-2 ECDSA/RSA/DSA Pairwise Consistency Test fix [Orabug: 26617814],
[Orabug: 26617879], [Orabug: 26617849]
[3.53.1-6]
- turn of ALTIVEC instruction for powerpc because they require
power8 and we need to support power7 on RHEL7 still.
- Fix typo in measure.
- Make sure only 2048 and greater primes are used in FIPS mode
for dh.
[3.53.1-5]
- Fix the patch application in the previous change
[3.53.1-4]
- Fix glibc regression in the rebase; run RNG self-tests only if NSPR is linked
[3.53.1-3]
- include patches for CVE-2020-6829, CVE-2020-12400,
and CVE-2020-12401 from upstream (ECC constant time issues).
- include patches for CVE-2020-12403 from upstream
(CHACHA issues).
- include self-tests for kdfs and cmac.
[3.53.1-2]
- Install cmac.h required by blapi.h (#1764513)
[3.53.1-1]
- Rebase to NSS 3.53.1
nss-util
[3.53.1-1]
- Rebase to NSS 3.53.1
MODERATECopyright 2020 Oracle, Inc.CVE-2019-11719CVE-2019-11727CVE-2019-11756CVE-2019-17006CVE-2019-17023CVE-2020-12402CVE-2020-12403CVE-2020-6829CVE-2020-12400CVE-2020-12401nss-pkcs11-develnss-develnss-util-develnsprnss-softokn-freebl-develnss-utiloraclelinux-releasenss-sysinitnss-toolsnspr-develnss-softoknnssnss-softokn-freeblnss-softokn-devel72f97b74ec551f03^7aarch640:4.25.0-2.el7_90:3.53.1-3.el7_90:3.53.1-6.0.1.el7_90:3.53.1-1.el7_9x86_64