AXSA:2019-4268:01

Release date: 
Thursday, September 12, 2019 - 09:10
Subject: 
nspr-4.21.0-1.el7, nss-util-3.44.0-3.el7, nss-softokn-3.44.0-5.el7, nss-3.44.0-4.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.

The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)

Security Fix(es):

* ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)

* nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 7.7 Release Notes linked from the References section.

CVE-2018-0495
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
CVE-2018-12404
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. nspr-4.21.0-1.el7.src.rpm
    MD5: 768933d4b9ee79a77ca73dd98b5de702
    SHA-256: 9d4a61345b1065f5de0b83215179aa4b039a180f8ab6e6573704e4437388d2eb
    Size: 1.11 MB
  2. nss-softokn-3.44.0-5.el7.src.rpm
    MD5: 142b12108fd9398206bfe63db8fa3977
    SHA-256: 512b55a66fae2cfeed17dc0567d0bef1241998ca738b09d7d8eb59a1dc0025f1
    Size: 63.24 MB
  3. nss-util-3.44.0-3.el7.src.rpm
    MD5: f2443e1f062cf903b27af04d2849b6be
    SHA-256: b441f8bdd719d5aae4e71fc9d4c65a9368b90904accf5e4a793ac91a31b6bb1b
    Size: 16.30 MB
  4. nss-3.44.0-4.el7.src.rpm
    MD5: b91259303a713a4f3d8721eb63e8d594
    SHA-256: b22b2da103b8dcfbdeb17c408427448638c6953a921763f99965a345480b3e8a
    Size: 22.50 MB

Asianux Server 7 for x86_64
  1. nspr-4.21.0-1.el7.x86_64.rpm
    MD5: b089d02020685ee6c4e894d9c12a2e23
    SHA-256: ce8080344c750da58d0f176654fc430ea9cd76b1ad3e8baae824f81fd1acb584
    Size: 125.82 kB
  2. nspr-devel-4.21.0-1.el7.x86_64.rpm
    MD5: 73128e0eabda8b694bf78bcc6d85bcd4
    SHA-256: 0c727bc0b61d8b18f06711f03a032041b6d744e134971644b7ea6cf497a1caf6
    Size: 114.09 kB
  3. nspr-4.21.0-1.el7.i686.rpm
    MD5: 204dd684aa12bfd00c1da6b6f9ddf9c1
    SHA-256: 56bb4ed4c9b725b1ccbbe3f562d44b6ae3ddfd2d99755daae582a9cf1ba8a46a
    Size: 127.46 kB
  4. nspr-devel-4.21.0-1.el7.i686.rpm
    MD5: 349f7c45742f8e77f1cc72e90d221145
    SHA-256: 5419da320abe45452d6704001ade823960f54b924dc6a1a6d1278e934a4ef5ed
    Size: 114.14 kB
  5. nss-softokn-3.44.0-5.el7.x86_64.rpm
    MD5: 11a7c013f1756ee8aa67add475d10f60
    SHA-256: 21691b25b5d17a11d4b60a426c24b44dbefdaefe5870b75a0f4752d8e87ce606
    Size: 328.22 kB
  6. nss-softokn-devel-3.44.0-5.el7.x86_64.rpm
    MD5: 93ad8d6a24c23637aab58fde34d937ce
    SHA-256: 6723210e538f181c939647ede5f37e701900a698d3c56f9e9a7d5d335a93a6e4
    Size: 28.75 kB
  7. nss-softokn-freebl-3.44.0-5.el7.x86_64.rpm
    MD5: da07fdd5d24c1bdd3e12bebc67546a4f
    SHA-256: 4be798364fc9b53dfaa8e25e8a027f334d59e1c95bc1fed1071c327cf988edbd
    Size: 223.25 kB
  8. nss-softokn-freebl-devel-3.44.0-5.el7.x86_64.rpm
    MD5: 17d121cbb6c008a8858114741ec025be
    SHA-256: a31cde7680fc83659e85c40e73384281ec3e9e13bac90c854b703de29691ac0a
    Size: 51.15 kB
  9. nss-softokn-3.44.0-5.el7.i686.rpm
    MD5: 02aef160d0bdd1547cd728f455786ef0
    SHA-256: 664353725080e5d030754fa740c7ac6614fad2b0adf735f206d1250854c721b9
    Size: 332.52 kB
  10. nss-softokn-devel-3.44.0-5.el7.i686.rpm
    MD5: 92943337068e963594835c1113e30d71
    SHA-256: b76bc2b093a0bbe4641098a9a9d57b3cb6ac32343b59db155a022a6f76e6a68b
    Size: 28.80 kB
  11. nss-softokn-freebl-3.44.0-5.el7.i686.rpm
    MD5: 98afdb8edfc3ded01bd15551002e3df8
    SHA-256: 2fe2135f1b95065704eadc99b3d4c4b2ad3c3a1f566147523fa0181a2eec85ad
    Size: 212.89 kB
  12. nss-softokn-freebl-devel-3.44.0-5.el7.i686.rpm
    MD5: 6687e84a5aa193cee7b82d7ba19bfefd
    SHA-256: 151461ce21783e7c2611edf488c624b7cca1201e38769eae0344354e3c8e9c34
    Size: 50.05 kB
  13. nss-util-3.44.0-3.el7.x86_64.rpm
    MD5: 240109891c2d5fa90fb0c1a67932368c
    SHA-256: 6821288161b19a5198612e2bb7afee1a0169c4d01c57988518abe3e41b114ede
    Size: 77.79 kB
  14. nss-util-devel-3.44.0-3.el7.x86_64.rpm
    MD5: c2d5600e8f408a4981fefd5158078799
    SHA-256: 195af0a0f099fa18a9ab2378fce9615127e3c35e8502aed10b9c46405a9edc6e
    Size: 73.04 kB
  15. nss-util-3.44.0-3.el7.i686.rpm
    MD5: f4bda6a119bf5dcb200f7ccaa6556395
    SHA-256: 3f3380f581025f940a014203ec6c7df6b5247a05962ec932a3174ec9d8d699b0
    Size: 76.26 kB
  16. nss-util-devel-3.44.0-3.el7.i686.rpm
    MD5: f30250f1257131b8bbcc4fd25d95b450
    SHA-256: 32278f82640ea7f48f0a1309d135cfcac0f834de44570ac1241426fa20e75d6a
    Size: 73.08 kB
  17. nss-3.44.0-4.el7.x86_64.rpm
    MD5: 961c8392092647f78bde7f468260bbfe
    SHA-256: 6c20e853ef15d30f3b58abd96753a8fd9a769981dd67e8211ed6c9fbcac984ec
    Size: 852.68 kB
  18. nss-devel-3.44.0-4.el7.x86_64.rpm
    MD5: b4a731358ef3ebf030e490be9d299cd1
    SHA-256: 6df15f559a8b02278404900420be5a20acd8fd44c7a97434b4327b79d10e988e
    Size: 233.32 kB
  19. nss-sysinit-3.44.0-4.el7.x86_64.rpm
    MD5: 0a6d7172113596a06f4c2cddf1e41fa4
    SHA-256: 7d7849bdbe3f92ced8c987b14353d5649cedddd6f5ac732919df9e52d194a14a
    Size: 63.27 kB
  20. nss-tools-3.44.0-4.el7.x86_64.rpm
    MD5: f8b1b4dd7a9e7a5c45e6e671eb2cf3bc
    SHA-256: df996c5590fd1982c69bf2584259cca925a49a40cdf7461835111a9a5a4521d8
    Size: 527.07 kB
  21. nss-3.44.0-4.el7.i686.rpm
    MD5: 2a5cc759ff41d3facda898fcb3b501c4
    SHA-256: 3bc93861363577966554a12254169a5da38d6a9d332aab1c2aaff62114d66a49
    Size: 853.02 kB
  22. nss-devel-3.44.0-4.el7.i686.rpm
    MD5: d3618d1de4129c98ab495a2e6df8ebcf
    SHA-256: 924f725336548ce1940feb5bc1d61faf68a7b0fa75a74c4ea45a4ef2113d5e89
    Size: 234.78 kB
Copyright© 2007-2015 Asianux. All rights reserved.