[El-errata] ELSA-2019-4190 Important: Oracle Linux 7 nss, nss-softokn, nss-util security update (aarch64)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Dec 11 19:04:49 PST 2019


Oracle Linux Security Advisory ELSA-2019-4190

http://linux.oracle.com/errata/ELSA-2019-4190.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

aarch64:
nss-3.44.0-7.el7_7.aarch64.rpm
nss-devel-3.44.0-7.el7_7.aarch64.rpm
nss-sysinit-3.44.0-7.el7_7.aarch64.rpm
nss-tools-3.44.0-7.el7_7.aarch64.rpm
nss-pkcs11-devel-3.44.0-7.el7_7.aarch64.rpm
nss-softokn-3.44.0-8.0.1.el7_7.aarch64.rpm
nss-softokn-devel-3.44.0-8.0.1.el7_7.aarch64.rpm
nss-softokn-freebl-3.44.0-8.0.1.el7_7.aarch64.rpm
nss-softokn-freebl-devel-3.44.0-8.0.1.el7_7.aarch64.rpm
nss-util-3.44.0-4.el7_7.aarch64.rpm
nss-util-devel-3.44.0-4.el7_7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nss-3.44.0-7.el7_7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/nss-softokn-3.44.0-8.0.1.el7_7.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/nss-util-3.44.0-4.el7_7.src.rpm



Description of changes:

nss
[3.44.0-7]
- Increase timeout on ssl_gtest so that slow platforms can complete when
running on a busy system.

[3.44.0-6]
- back out out-of-bounds patch (patch for nss-softokn).
- Fix segfault on empty or malformed ecdh keys (#1777712)

[3.44.0-5]
- Fix out-of-bounds write in NSC_EncryptUpdate (#1775910)

nss-softokn
[3.44.0-8.0.1]
- Add fips140-2 DSA Known Answer Test fix [Orabug: 26679337]
- Add fips140-2 ECDSA/RSA/DSA Pairwise Consistency Test fix [Orabug: 
26617814],
[Orabug: 26617879], [Orabug: 26617849]

[3.44.0-8]
- Fix segfault on empty or malformed ecdh keys (#1777712)

[3.44.0-7]
- Fix out-of-bounds write in NSC_EncryptUpdate (#1775911,#1775910)

[3.44.0-6]
- Fix fipstest to use the standard mechanism for TLS 1.2 PRF

nss-util
[3.44.0-4]
- Fix segfault on empty or malformed ecdh keys (#1777712)





More information about the El-errata mailing list