nss security update

2024-03-1215:41:47

Rockylinux Product Errata

errata.rockylinux.org

nss library

security update

rocky linux 8

vulnerability

minerva

cve-2023-6135

cvss score

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.8%

JSON

An update is available for nss.
This update affects Rocky Linux 8.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

nss: vulnerable to Minerva side-channel information leak (CVE-2023-6135)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
rocky8i686nss< 3.90.0-6.el8_9nss-0:3.90.0-6.el8_9.i686.rpm
rocky8x86_64nss< 3.90.0-6.el8_9nss-0:3.90.0-6.el8_9.x86_64.rpm
rocky8i686nss-debuginfo< 3.90.0-6.el8_9nss-debuginfo-0:3.90.0-6.el8_9.i686.rpm
rocky8x86_64nss-debuginfo< 3.90.0-6.el8_9nss-debuginfo-0:3.90.0-6.el8_9.x86_64.rpm
rocky8i686nss-debugsource< 3.90.0-6.el8_9nss-debugsource-0:3.90.0-6.el8_9.i686.rpm
rocky8x86_64nss-debugsource< 3.90.0-6.el8_9nss-debugsource-0:3.90.0-6.el8_9.x86_64.rpm
rocky8i686nss-devel< 3.90.0-6.el8_9nss-devel-0:3.90.0-6.el8_9.i686.rpm
rocky8x86_64nss-devel< 3.90.0-6.el8_9nss-devel-0:3.90.0-6.el8_9.x86_64.rpm
rocky8i686nss-softokn< 3.90.0-6.el8_9nss-softokn-0:3.90.0-6.el8_9.i686.rpm
rocky8x86_64nss-softokn< 3.90.0-6.el8_9nss-softokn-0:3.90.0-6.el8_9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
rocky	8	i686	nss	< 3.90.0-6.el8_9	nss-0:3.90.0-6.el8_9.i686.rpm
rocky	8	x86_64	nss	< 3.90.0-6.el8_9	nss-0:3.90.0-6.el8_9.x86_64.rpm
rocky	8	i686	nss-debuginfo	< 3.90.0-6.el8_9	nss-debuginfo-0:3.90.0-6.el8_9.i686.rpm
rocky	8	x86_64	nss-debuginfo	< 3.90.0-6.el8_9	nss-debuginfo-0:3.90.0-6.el8_9.x86_64.rpm
rocky	8	i686	nss-debugsource	< 3.90.0-6.el8_9	nss-debugsource-0:3.90.0-6.el8_9.i686.rpm
rocky	8	x86_64	nss-debugsource	< 3.90.0-6.el8_9	nss-debugsource-0:3.90.0-6.el8_9.x86_64.rpm
rocky	8	i686	nss-devel	< 3.90.0-6.el8_9	nss-devel-0:3.90.0-6.el8_9.i686.rpm
rocky	8	x86_64	nss-devel	< 3.90.0-6.el8_9	nss-devel-0:3.90.0-6.el8_9.x86_64.rpm
rocky	8	i686	nss-softokn	< 3.90.0-6.el8_9	nss-softokn-0:3.90.0-6.el8_9.i686.rpm
rocky	8	x86_64	nss-softokn	< 3.90.0-6.el8_9	nss-softokn-0:3.90.0-6.el8_9.x86_64.rpm