Oracle Linux: ELSA-2020-4076
Oct 08, 2020 - 12:00 a.m.

nss and nspr security, bug fix, and enhancement update

2020-10-08 00:00:00
linux.oracle.com

CVSS3: 9.8 High

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 10 High

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

nspr

[4.25.0-2]
  • Rebuild to fix wrong dist tag

[4.25.0-1]
  • Rebase to NSPR 4.25

nss

[3.53.1-3]
  • Disable dh timing test because it’s unreliable on s390 (from Bob Relyea)
  • Explicitly enable upgradedb/sharedb test cycles

[3.53.1-2]
  • Disable TLS 1.3 by default

[3.53.1-1]
  • Rebase to NSS 3.53.1

[3.44.0-8]
  • Increase timeout on ssl_gtest so that slow platforms can complete when
    running on a busy system.

nss-softokn

[3.53.1-6.0.1]
  • Add fips140-2 DSA Known Answer Test fix [Orabug: 26679337]
  • Add fips140-2 ECDSA/RSA/DSA Pairwise Consistency Test fix [Orabug: 26617814],
    [Orabug: 26617879], [Orabug: 26617849]

[3.53.1-6]
  • Turn off ALTIVEC instructions for powerpc because they require
    power8 and we need to support power7 on RHEL7 still.
  • Fix typo in measure.
  • Make sure only 2048 and greater primes are used in FIPS mode
    for dh.

[3.53.1-5]
  • Fix the patch application in the previous change

[3.53.1-4]
  • Fix glibc regression in the rebase; run RNG self-tests only if NSPR is linked

[3.53.1-3]
  • Include patches for CVE-2020-6829, CVE-2020-12400,
    and CVE-2020-12401 from upstream (ECC constant time issues).
  • Include patches for CVE-2020-12403 from upstream
    (CHACHA issues).
  • Include self-tests for kdfs and cmac.

[3.53.1-2]
  • Install cmac.h required by blapi.h (#1764513)

[3.53.1-1]
  • Rebase to NSS 3.53.1

nss-util

[3.53.1-1]
  • Rebase to NSS 3.53.1
