nss-softokn-3.44.0-8.el7, nss-util-3.44.0-4.el7, nss-3.44.0-7.el7

エラータID: AXSA:2019-4421:01

Release date: 
Monday, December 23, 2019 - 06:44
Subject: 
nss-softokn-3.44.0-8.el7, nss-util-3.44.0-4.el7, nss-3.44.0-7.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

The nss-softokn package provides the Network Security Services Softoken Cryptographic Module.

The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries.

Security Fix(es):

* nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)

* nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-11729
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11745
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

CVEs: 
CVE-2019-11729
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11745
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Additional Info: 

N/A

Download: 

SRPMS
  1. nss-3.44.0-7.el7.src.rpm
    MD5: 1548c0b61c2bbcf8163662155f915415
    SHA-256: 64a3175ec486c31f7771f2d08abfe49258ee12b9db20fe5bc2ae8172f2dc39c8
    Size: 22.50 MB
  2. nss-softokn-3.44.0-8.el7.src.rpm
    MD5: 6df6d19a75e33a3c2b175e3f5aba6fbf
    SHA-256: 2a9866502650384d0a8dc27f5ef732eafda5999ba8ab0673c26842ca13787deb
    Size: 63.25 MB
  3. nss-util-3.44.0-4.el7.src.rpm
    MD5: 4494029afe402574752977a1224dc918
    SHA-256: de519a9723bff1cc4c68a7fa3caa905b783294b12150766c31a9bf124d40bf31
    Size: 16.30 MB

Asianux Server 7 for x86_64
  1. nss-3.44.0-7.el7.x86_64.rpm
    MD5: 0ca35b23a03a1d2883b99be76b47e955
    SHA-256: c52bc70ee60985327d7fca7f229823e0f3f7af56a8571ef8a57269d5b04ca033
    Size: 853.09 kB
  2. nss-devel-3.44.0-7.el7.x86_64.rpm
    MD5: fab69d21c9e38c72d208af67ebc3396e
    SHA-256: 12a55deaf1c6ea3810e5fb9c6aac3f264cb9a867ff7eaf599bd3b0059be8c36a
    Size: 233.72 kB
  3. nss-sysinit-3.44.0-7.el7.x86_64.rpm
    MD5: be499a79694bff54543f80a9e9651a8a
    SHA-256: 8529a8f0eb510a8df35247b69e5f3b3ea7d0e9b84c5ca1559528326046e4a2f6
    Size: 63.68 kB
  4. nss-tools-3.44.0-7.el7.x86_64.rpm
    MD5: 452c5aee9374e57f22df2e3eda5d9dc3
    SHA-256: fa6c5933fe82a66fe8eab6bf21dcd2bb92c22f90a3ee5f7436c522062e3743db
    Size: 527.43 kB
  5. nss-3.44.0-7.el7.i686.rpm
    MD5: 3f9a14ec78223075ebb0f53e2abf213e
    SHA-256: 40650756fde01f8d6fa460651160950f691c919e283af404297810f97216ca8a
    Size: 853.27 kB
  6. nss-devel-3.44.0-7.el7.i686.rpm
    MD5: 5e77f500f5a010378a81da4a0a9e0ae4
    SHA-256: b937671fac62ef7e383be8375461bd8fd870a4693f926336cd10ff57257101e1
    Size: 235.18 kB
  7. nss-softokn-3.44.0-8.el7.x86_64.rpm
    MD5: 06de37c1d4dd3136317db06bf75c5e7a
    SHA-256: 9615860312d3244a462fed1fbd77a800e847d05868d6e01cc0bad9289322da53
    Size: 328.89 kB
  8. nss-softokn-devel-3.44.0-8.el7.x86_64.rpm
    MD5: 304ca490341f9bbce8afbf07c47d8fb1
    SHA-256: dd828602d202eb983277b2ac94a109382212ac4935da0a683fee5b27f7c8aaa3
    Size: 29.07 kB
  9. nss-softokn-freebl-3.44.0-8.el7.x86_64.rpm
    MD5: 4b88dcc741c2588f3767f1600731b137
    SHA-256: 992df562b23d34d6aa38720a7d92fd2e5064955704b25e11617517a3ba21680d
    Size: 223.52 kB
  10. nss-softokn-freebl-devel-3.44.0-8.el7.x86_64.rpm
    MD5: 2b00a5a3dbd81e56d767d4bf18bf8208
    SHA-256: 7bf252bbcab1cb5b67f19afe0dd7de6184ed35e25b661509c10552bb560d6f10
    Size: 51.47 kB
  11. nss-softokn-3.44.0-8.el7.i686.rpm
    MD5: d728c0262f899a52bda925980988afed
    SHA-256: 47dc997900f9760552045f65ad0b2cf2c2247723d377b88f2a251afaf7c3b3ae
    Size: 332.70 kB
  12. nss-softokn-devel-3.44.0-8.el7.i686.rpm
    MD5: 70257cba3399c275265b0a0bf2a80974
    SHA-256: f1bec92db947e796d6c8b5f965041770bbf03a3ae951c7408eadc5cdc0f34166
    Size: 29.12 kB
  13. nss-softokn-freebl-3.44.0-8.el7.i686.rpm
    MD5: ff0a430ccc7b8d43ba1e7627f0ff79ff
    SHA-256: b3d6ed8ea3f843f831a0f0be13037797ed6bc6da10cc4863a4dd289413fdcf78
    Size: 213.23 kB
  14. nss-softokn-freebl-devel-3.44.0-8.el7.i686.rpm
    MD5: bff2bd94893f84e2b17581c2f3b35788
    SHA-256: cc79d334dfe938341650a21e566fb9a7450a446574155213afd883ae7ee67445
    Size: 50.38 kB
  15. nss-util-3.44.0-4.el7.x86_64.rpm
    MD5: 48613e8af9c736972ba329fecbf97432
    SHA-256: e5c2ca08b19570bdae5ffa153a8158851dc37be354c5e28c24b5147603ef2b71
    Size: 77.90 kB
  16. nss-util-devel-3.44.0-4.el7.x86_64.rpm
    MD5: 3085cfc39e056fe4c425003b31838f5d
    SHA-256: 426a809ce785be4e8b09ad840542a59da7d40b25d0e7427afe04f4ecfd8583b0
    Size: 73.14 kB
  17. nss-util-3.44.0-4.el7.i686.rpm
    MD5: 7f39035f6b5205f3a7bb98e9d589b381
    SHA-256: 63f96032e4bcc2abc484199440749700b739823f99ef315ee260446bf4f7ef27
    Size: 76.46 kB
  18. nss-util-devel-3.44.0-4.el7.i686.rpm
    MD5: 53581151a3c87777d6a7c5c23a4897e1
    SHA-256: f6096d583578a4299edb84210ab305d023ddacbd6210b5c46f33f4baf44fa954
    Size: 73.18 kB