SUSE-SU-2022:2536-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2022/suse-su-20222536-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2536-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2022:2536-1

Related

CVE-2021-43527

Published

2022-07-22T15:54:23Z

Modified

2022-07-22T15:54:23Z

Summary

Security update for mozilla-nspr, mozilla-nss

Details

This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to fix various issues:

FIPS 140-3 enablement patches were backported from SUSE Linux Enterprise 15.

FIPS: add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck() (bsc#1198980).
FIPS: mark algorithms as approved/non-approved according to security policy (bsc#1191546, bsc#1201298).
FISP: remove hard disabling of unapproved algorithms. This requirement is now fulfilled by the service level indicator (bsc#1200325).

Version update to NSS 3.79

Use PK11GetSlotInfo instead of raw CGetSlotInfo calls.
Update mercurial in clang-format docker image.
Use of uninitialized pointer in lg_init after alloc fail.
selfserv and tstclnt should use PR_GetPrefLoopbackAddrInfo.
Add SECMOD_LockedModuleHasRemovableSlots.
Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP.
Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts.
TLS 1.3 Server: Send protocolversion alert on unsupported ClientHello.legacyversion.
Correct invalid record inner and outer content type alerts.
NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding.
improve error handling after nssCKFWInstance_CreateObjectHandle.
Initialize pointers passed to NSSCMSDigestContextFinishMultiple.
NSS 3.79 should depend on NSPR 4.34

Update to NSS 3.78.1

Initialize pointers passed to NSSCMSDigestContextFinishMultiple

update to NSS 3.78

Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests.
Reworked overlong record size checks and added TLS1.3 specific boundaries.
Add ECH Grease Support to tstclnt
Add a strict variant of moz::pkix::CheckCertHostname.
Change SSLREUSESERVERECDHEKEY default to false.
Make SEC_PKCS12EnableCipher succeed
Update zlib in NSS to 1.2.12.

Update to NSS 3.77:

resolve mpitests build failure on Windows.
Fix link to TLS page on wireshark wiki
Add two D-TRUST 2020 root certificates.
Add Telia Root CA v2 root certificate.
Remove expired explicitly distrusted certificates from certdata.txt.
support specific RSA-PSS parameters in mozilla::pkix
Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
Remove token member from NSSSlot struct.
Provide secure variants of mpppprime and mppmake_prime.
Support UTF-8 library path in the module spec string.
Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
Add a CI Target for gcc-11.
Change to makefiles for gcc-4.8.
Update googletest to 1.11.0
Add SetTls13GreaseEchSize to experimental API.
TLS 1.3 Illegal legacy_version handling/alerts.
Fix calculation of ECH HRR Transcript.
Allow ld path to be set as environment variable.
Ensure we don't read uninitialized memory in ssl gtests.
Fix DataBuffer Move Assignment.
internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3
rework signature verification in mozilla::pkix

update to NSS 3.76.1

Remove token member from NSSSlot struct.

NSS 3.76

Hold tokensLock through nssTokenGetSlot calls in nssTrustDomainGetActiveSlots.
Check return value of PK11Slot_GetNSSToken.
Use Wycheproof JSON for RSASSA-PSS
Add SHA256 fingerprint comments to old certdata.txt entries.
Avoid truncating files in nss-release-helper.py.
Throw illegal_parameter alert for illegal extensions in handshake message.

update to NSS 3.75

Make DottedOIDToCode.py compatible with python3.
Avoid undefined shift in SSLCERTIS while fuzzing.
Remove redundant key type check.
Update ABI expectations to match ECH changes.
Enable CKM_CHACHA20.
check return on NSSNoDBInit and NSS_Shutdown.
real move assignment operator.
Run ECDSA test vectors from bltest as part of the CI tests.
Add ECDSA test vectors to the bltest command line tool.
Allow to build using clang's integrated assembler.
Allow to override python for the build.
test HKDF output rather than input.
Use ASSERT macros to end failed tests early.
move assignment operator for DataBuffer.
Add test cases for ECH compression and unexpected extensions in SH.
Update tests for ECH-13.
Tidy up error handling.
Add tests for ECH HRR Changes.
Server only sends GREASE HRR extension if enabled by preference.
Update generation of the Associated Data for ECH-13.
When ECH is accepted, reject extensions which were only advertised in the Outer Client Hello.
Allow for compressed, non-contiguous, extensions.
Scramble the PSK extension in CHOuter.
Split custom extension handling for ECH.
Add ECH-13 HRR Handling.
Client side ECH padding.
Stricter ClientHelloInner Decompression.
Remove ECH_inner extension, use new enum format.
Update the version number for ECH-13 and adjust the ECHConfig size.

Update to NSS 3.74:

mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
Ensure clients offer consistent ciphersuites after HRR
NSS does not properly restrict server keys based on policy
Set nssckbi version number to 2.54
Replace Google Trust Services LLC (GTS) R4 root certificate
Replace Google Trust Services LLC (GTS) R3 root certificate
Replace Google Trust Services LLC (GTS) R2 root certificate
Replace Google Trust Services LLC (GTS) R1 root certificate
Replace GlobalSign ECC Root CA R4
Remove Expired Root Certificates - DST Root CA X3
Remove Expiring Cybertrust Global Root and GlobalSign root certificates
Add renewed Autoridad de Certificacion Firmaprofesional CIF A62634068 root certificate
Add iTrusChina ECC root certificate
Add iTrusChina RSA root certificate
Add ISRG Root X2 root certificate
Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
Avoid a clang 13 unused variable warning in opt build
Check for missing signedData field
Ensure DER encoded signatures are within size limits
enable key logging option (bsc#1195040)

Update to NSS 3.73.1:

Add SHA-2 support to mozilla::pkix's OSCP implementation

Update to NSS 3.73

check for missing signedData field.
Ensure DER encoded signatures are within size limits.
NSS needs FiPS 140-3 version indicators.
pkixCacheCertLookup doesn't return cached certs
sunset Coverity from NSS

MFSA 2021-51 (bsc#1193170) CVE-2021-43527: Memory corruption via DER-encoded DSA and RSA-PSS signatures

Update to NSS 3.72

Fix nsinstall parallel failure.
Increase KDF cache size to mitigate perf regression in about:logins

Update to NSS 3.71

Set nssckbi version number to 2.52.
Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
Import of PKCS#12 files with Camellia encryption is not supported
Add HARICA Client ECC Root CA 2021.
Add HARICA Client RSA Root CA 2021.
Add HARICA TLS ECC Root CA 2021.
Add HARICA TLS RSA Root CA 2021.
Add TunTrust Root CA certificate to NSS.

update to NSS 3.70

Update test case to verify fix.
Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
Avoid using a lookup table in nssb64d.
Use HW accelerated SHA2 on AArch64 Big Endian.
Change default value of enableHelloDowngradeCheck to true.
Cache additional PBE entries.
Read HPKE vectors from official JSON.

Update to NSS 3.69.1

Disable DTLS 1.0 and 1.1 by default
integrity checks in key4.db not happening on private components with AES_CBC

NSS 3.69

Disable DTLS 1.0 and 1.1 by default (backed out again)
integrity checks in key4.db not happening on private components with AES_CBC (backed out again)
SSL handling of signature algorithms ignores environmental invalid algorithms.
sqlite 3.34 changed it's open semantics, causing nss failures.
Gtest update changed the gtest reports, losing gtest details in all.sh reports.
NSS incorrectly accepting 1536 bit DH primes in FIPS mode
SQLite calls could timeout in starvation situations.
Coverity/cpp scanner errors found in nss 3.67
Import the NSS documentation from MDN in nss/doc.
NSS using a tempdir to measure sql performance not active
FIPS: scan LDLIBRARYPATH for external libraries to be checksummed.
Run test suite at build time, and make it pass (bsc#1198486).
Enable FIPS during test certificate creation and disables the library checksum validation during same.
FIPS: allow checksumming to be disabled, but only if we entered FIPS mode due to NSS_FIPS being set, not if it came from /proc.
FIPS: This makes the PBKDF known answer test compliant with NIST SP800-132.
FIPS: update validation string to version-release format. (bsc#1192079).
FIPS: remove XCBC MAC from list of FIPS approved algorithms.
Enable NSSENABLEFIPSINDICATORS and set NSSFIPSMODULEID for build.
FIPS: claim 3DES unapproved in FIPS mode (bsc#1192080).
FIPS: allow testing of unapproved algorithms (bsc#1192228).
FIPS: adds FIPS version indicators. (bmo#1729550, bsc#1192086).
FIPS: Add CSP clearing (bmo#1697303, bsc#1192087).

mozilla-nspr was updated to version 4.34:

add an API that returns a preferred loopback IP on hosts that have two IP stacks available.

update to 4.33: * fixes to build system and export of private symbols

References

Affected packages

SUSE:OpenStack Cloud 9 / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:OpenStack Cloud 9 / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "mozilla-nspr-devel": "4.34-19.21.1",
            "mozilla-nss-devel": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "mozilla-nspr-devel": "4.34-19.21.1",
            "mozilla-nss-devel": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2-BCL / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3-BCL / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3-BCL / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / mozilla-nspr

Package

Name: mozilla-nspr
Purl: purl:rpm/suse/mozilla-nspr&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.34-19.21.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / mozilla-nss

Package

Name: mozilla-nss
Purl: purl:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.79-58.75.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-58.75.1",
            "mozilla-nss-sysinit": "3.79-58.75.1",
            "mozilla-nss-32bit": "3.79-58.75.1",
            "mozilla-nss-certs": "3.79-58.75.1",
            "libsoftokn3-hmac-32bit": "3.79-58.75.1",
            "mozilla-nss-devel": "3.79-58.75.1",
            "libfreebl3-32bit": "3.79-58.75.1",
            "libfreebl3-hmac": "3.79-58.75.1",
            "mozilla-nspr-devel": "4.34-19.21.1",
            "libfreebl3-hmac-32bit": "3.79-58.75.1",
            "libfreebl3": "3.79-58.75.1",
            "mozilla-nspr": "4.34-19.21.1",
            "mozilla-nss-certs-32bit": "3.79-58.75.1",
            "mozilla-nss-tools": "3.79-58.75.1",
            "mozilla-nss-sysinit-32bit": "3.79-58.75.1",
            "libsoftokn3": "3.79-58.75.1",
            "libsoftokn3-32bit": "3.79-58.75.1",
            "mozilla-nspr-32bit": "4.34-19.21.1",
            "mozilla-nss": "3.79-58.75.1"
        }
    ]
}