23 matches found
Mozilla Firefox Security Advisory (MFSA2019-21) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
SUSE: Security Advisory (SUSE-SU-2019:3395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2545-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS: Security Advisory for nss (CESA-2020:4076)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2020:0088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : nss and nspr on SL7.x x86_64 (20201001)
Security Fixes : - nss: Out-of-bounds read when importing curve25519 private key CVE-2019-11719 - nss: Use-after-free in sftkFreeSession due to improper refcounting CVE-2019-11756 - nss: Check length of inputs for cryptographic primitives CVE-2019-17006 - nss: Side channel attack on ECDSA signatu...
Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
An update for nss, nss-softokn, nss-util, and nspr is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
SUSE SLED12 / SLES12 Security Update : mozilla-nspr, mozilla-nss (SUSE-SU-2020:0088-1)
This update for mozilla-nspr, mozilla-nss fixes the following issues : mozilla-nss was updated to NSS 3.47.1 : Security issues fixed : CVE-2019-17006: Added length checks for cryptographic primitives bsc1159819. CVE-2019-11745: EncryptUpdate should use maxout, not block size bsc1158527...
openSUSE Security Update : mozilla-nspr / mozilla-nss (openSUSE-2020-8)
This update for mozilla-nspr, mozilla-nss fixes the following issues : mozilla-nss was updated to NSS 3.47.1 : Security issues fixed : - CVE-2019-17006: Added length checks for cryptographic primitives bsc1159819. - CVE-2019-11745: EncryptUpdate should use maxout, not block size bsc1158527. -...
openSUSE: Security Advisory for mozilla-nspr, mozilla-nss (openSUSE-SU-2020:0008-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for mozilla-nspr, mozilla-nss (moderate)
openSUSE Security Update: Security update for mozilla-nspr, mozilla-nss Announcement ID: openSUSE-SU-2020:0008-1 Rating: moderate References: 1141322 1158527 1159819 Cross-References: CVE-2018-18508 CVE-2019-11745 CVE-2019-17006 Affected Products: openSUSE Leap 15.1 An update that fixes three...
SUSE SLED15 / SLES15 Security Update : mozilla-nspr, mozilla-nss (SUSE-SU-2019:3395-1)
This update for mozilla-nspr, mozilla-nss fixes the following issues : mozilla-nss was updated to NSS 3.47.1 : Security issues fixed : CVE-2019-17006: Added length checks for cryptographic primitives bsc1159819. CVE-2019-11745: EncryptUpdate should use maxout, not block size bsc1158527...
SUSE-SU-2019:3395-1 Security update for mozilla-nspr, mozilla-nss
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.47.1: Security issues fixed: - CVE-2019-17006: Added length checks for cryptographic primitives bsc1159819. - CVE-2019-11745: EncryptUpdate should use maxout, not block size bsc1158527. -...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2019:2545-1)
This update for MozillaFirefox to 68.1 fixes the following issues : Security issues fixed : CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. bsc1140868 CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. bsc1149294 CVE-2019-11710: Fixed several memory...
RHEL 8 : nss and nspr (RHSA-2019:1951)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1951 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...
Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
An update for nss and nspr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Ubuntu: Security Advisory (USN-4054-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-11727
A vulnerability exists where it possible to force Network Security Services NSS to sign CertificateVerify with PKCS1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerabilit...
CVE-2019-11727
CVE-2019-11727 concerns Mozilla NSS and affects Firefox versions earlier than 68. The issue allows NSS to sign TLS 1.3 CertificateVerify messages with PKCS#1 v1.5 signatures when those are the only ones advertised by the server in CertificateRequest. This is inappropriate for TLS 1.3 and is the u...
Updated firefox packages fix security vulnerability
Sandbox escape via installation of malicious language pack. CVE-2019-9811 Script injection within domain through inner window reuse. CVE-2019-11711 Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects. CVE-2019-11712 Use-after-free with HTTP/2 cached stream...