SUSE-SU-2016:0189-1

UNKNOWN

Security update for mozilla-nss

Published Jan 21, 2016

Modified 10 years ago

Fix available

Details

This update contains mozilla-nss 3.19.2.2 and fixes the following security issue:

CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature (bsc#959888)

Affected Packages(11 packages)

libfreebl3

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

3.19.2.2-22.1

libfreebl3-32bit

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

3.19.2.2-22.1

libsoftokn3

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

3.19.2.2-22.1

libsoftokn3-32bit

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

3.19.2.2-22.1

mozilla-nss

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

3.19.2.2-22.1

mozilla-nss-32bit

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

3.19.2.2-22.1

mozilla-nss-tools

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

3.19.2.2-22.1

libfreebl3-x86

SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4

Fixed in:

3.19.2.2-22.1

libsoftokn3-x86

SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4

Fixed in:

3.19.2.2-22.1

mozilla-nss-x86

SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4

Fixed in:

3.19.2.2-22.1

References

https://bugzilla.suse.com/959888

https://www.suse.com/security/cve/CVE-2015-7575

https://www.suse.com/support/update/announcement/2016/suse-su-20160189-1/

Upstream

Related

Ecosystems(9)

SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4

Timeline

PublishedJan 21, 2016

ModifiedJan 21, 2016

SUSE-SU-2016:0189-1 | Mondoo Vulnerability Intelligence