Lucene search
RedHatRHSA-2019:2237HistoryAug 06, 2019 - 8:15 a.m.
(RHSA-2019:2237) Moderate: nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update
2019-08-0608:15:59
access.redhat.com
53
0.102 Low
EPSS
Percentile
95.0%
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.
The following packages have been upgraded to a later upstream version: nss (3.44.0), nss-softokn (3.44.0), nss-util (3.44.0), nspr (4.21.0). (BZ#1645231, BZ#1692269, BZ#1692271, BZ#1692274)
Security Fix(es):
-
ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)
-
nss: Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | s390 | nspr-devel | < 4.21.0-1.el7 | nspr-devel-4.21.0-1.el7.s390.rpm |
| RedHat | 7 | ppc64le | nss-util-debuginfo | < 3.44.0-3.el7 | nss-util-debuginfo-3.44.0-3.el7.ppc64le.rpm |
| RedHat | 7 | s390 | nss-pkcs11-devel | < 3.44.0-4.el7 | nss-pkcs11-devel-3.44.0-4.el7.s390.rpm |
| RedHat | 7 | x86_64 | nss | < 3.44.0-4.el7 | nss-3.44.0-4.el7.x86_64.rpm |
| RedHat | 7 | i686 | nss-softokn-freebl | < 3.44.0-5.el7 | nss-softokn-freebl-3.44.0-5.el7.i686.rpm |
| RedHat | 7 | x86_64 | nss-sysinit | < 3.44.0-4.el7 | nss-sysinit-3.44.0-4.el7.x86_64.rpm |
| RedHat | 7 | s390 | nss-util | < 3.44.0-3.el7 | nss-util-3.44.0-3.el7.s390.rpm |
| RedHat | 7 | s390x | nss-util-debuginfo | < 3.44.0-3.el7 | nss-util-debuginfo-3.44.0-3.el7.s390x.rpm |
| RedHat | 7 | x86_64 | nss-softokn-devel | < 3.44.0-5.el7 | nss-softokn-devel-3.44.0-5.el7.x86_64.rpm |
| RedHat | 7 | s390 | nspr | < 4.21.0-1.el7 | nspr-4.21.0-1.el7.s390.rpm |
Related
centos
centos
nspr, nss security update
2019-08-30 03:43:23
nessus
nessus
RHEL 7 : nss, nss-softokn, nss-util, and nspr (RHSA-2019:2237)
2019-08-12 00:00:00
EulerOS Virtualization 3.0.6.0 : nss-softokn (EulerOS-SA-2020-1754)
2020-07-01 00:00:00
amazon
amazon
Medium: nss
2019-09-30 22:57:00
Important: nss, nss-softokn, nss-util, nspr
2020-03-16 21:29:00
openvas
openvas
Huawei EulerOS: Security Advisory for nss-softokn (EulerOS-SA-2019-2246)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for nss-softokn (EulerOS-SA-2020-1651)
2020-06-16 00:00:00
Huawei EulerOS: Security Advisory for nss-softokn (EulerOS-SA-2020-1252)
2020-03-13 00:00:00
ibm
ibm
oraclelinux
oraclelinux
suse
suse
Security update for mozilla-nspr and mozilla-nss (moderate)
2018-12-28 21:12:25
Security update for mozilla-nss (important)
2019-02-14 00:00:00
Security update for libgcrypt (moderate)
2018-07-28 16:00:35
ubuntu
ubuntu
NSS vulnerabilities
2019-02-18 00:00:00
NSS vulnerabilities
2019-01-09 00:00:00
NSS vulnerability
2019-12-09 00:00:00
debiancve
debiancve
prion
prion
Denial of service
2020-10-22 21:15:00
Design/Logic Flaw
2019-05-02 17:29:00
Memory corruption
2018-06-13 23:29:00
ubuntucve
ubuntucve
cvelist
cvelist
debian
debian
[SECURITY] [DLA 2015-1] nss security update
2019-11-29 15:50:12
[SECURITY] [DSA 4231-1] libgcrypt20 security update
2018-06-17 18:53:17
[SECURITY] [DSA 4231-1] libgcrypt20 security update
2018-06-17 18:53:17
osv
osv
nss - security update
2019-11-29 00:00:00
CVE-2018-12404
2019-05-02 17:29:01
CVE-2018-0495
2018-06-13 23:29:00
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2020-12-29 01:50:55
Information Disclosure
2019-08-08 00:07:30
Side-channel Attack
2019-06-03 00:25:00
nvd
nvd
cve
cve
fedora
fedora
[SECURITY] Fedora 29 Update: nss-3.40.1-1.0.fc29
2018-12-09 21:03:20
[SECURITY] Fedora 28 Update: nss-3.40.1-1.0.fc28
2018-12-11 01:58:33
[SECURITY] Fedora 27 Update: libgcrypt-1.8.3-1.fc27
2018-06-17 19:45:43
f5
f5
K10281096 : TLS in Mozilla NSS vulnerability CVE-2018-12404
2019-01-07 00:00:00
K20001553 : Libgcrypt vulnerability CVE-2018-0495
2018-09-28 00:00:00
mageia
mageia
Updated nss packages fix security vulnerability
2018-12-16 00:29:48
Updated libgcrypt packages fix security vulnerability
2018-07-01 20:17:14
Updated libcrypt packages fix a security vulnerability
2018-07-02 01:17:47
alpinelinux
alpinelinux
CVE-2018-12404
2019-05-02 17:29:01
CVE-2018-0495
2018-06-13 23:29:00
slackware
slackware
[slackware-security] mozilla-nss
2018-12-03 21:40:40
[slackware-security] libgcrypt
2018-06-13 22:09:13
symantec
symantec
freebsd
freebsd
libgcrypt -- side-channel attack vulnerability
2018-06-13 00:00:00
archlinux
archlinux
[ASA-201806-10] libgcrypt: private key recovery
2018-06-16 00:00:00
cloudfoundry
cloudfoundry
USN-3689-1: Libgcrypt vulnerability | Cloud Foundry
2018-07-10 00:00:00
ics
ics
Siemens RUGGEDCOM ROX II
2021-02-09 12:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-1.0-0182
2018-09-05 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0091
2018-09-06 00:00:00
Moderate Photon OS Security Update - PHSA-2019-0020
2019-06-17 00:00:00
redhat
redhat
(RHSA-2020:1461) Important: nss-softokn security update
2020-04-14 14:33:58
(RHSA-2020:1345) Important: nss-softokn security update
2020-04-07 08:30:50
(RHSA-2020:1267) Important: nss-softokn security update
2020-04-01 07:33:21