SUSE-RU-2022:3958-1: moderate: Recommended update for mozilla-nss
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Fri Nov 11 20:46:42 UTC 2022
SUSE Recommended Update: Recommended update for mozilla-nss
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:3958-1
Rating: moderate
References: #1191546 #1198980 #1201298 #1202870 #1204729
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 5 recommended fixes can now be installed.
Description:
This update for mozilla-nss fixes the following issues:
mozilla-nss was updated to NSS 3.79.2 (bsc#1204729)
* Bump minimum NSPR version to 4.34.1.
* Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.
- FIPS: Allow the use of DSA keys (verification only) (bsc#1201298).
- FIPS: Add sftk_FIPSRepeatIntegrityCheck() to softoken's .def file
(bsc#1198980).
- FIPS: Allow the use of longer symmetric keys via the service level
indicator (bsc#1191546).
- FIPS: Export sftk_FIPSRepeatIntegrityCheck() correctly (bsc#1198980).
- FIPS: Prevent sessions from getting flagged as non-FIPS (bsc#1191546).
- FIPS: Mark DSA keygen unapproved (bsc#1191546, bsc#1201298).
- FIPS: Enable userspace entropy gathering via libjitterentropy
(bsc#1202870).
- FIPS: Prevent keys from getting flagged as non-FIPS and add remaining
TLS mechanisms.
- FIPS: Use libjitterentropy for entropy.
- FIPS: Fixed an abort() when both NSS_FIPS and /proc FIPS mode are
enabled.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3958=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3958=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3958=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libfreebl3-3.79.2-150400.3.15.1
libfreebl3-debuginfo-3.79.2-150400.3.15.1
libfreebl3-hmac-3.79.2-150400.3.15.1
libsoftokn3-3.79.2-150400.3.15.1
libsoftokn3-debuginfo-3.79.2-150400.3.15.1
libsoftokn3-hmac-3.79.2-150400.3.15.1
mozilla-nss-3.79.2-150400.3.15.1
mozilla-nss-certs-3.79.2-150400.3.15.1
mozilla-nss-certs-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-debugsource-3.79.2-150400.3.15.1
mozilla-nss-devel-3.79.2-150400.3.15.1
mozilla-nss-sysinit-3.79.2-150400.3.15.1
mozilla-nss-sysinit-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-tools-3.79.2-150400.3.15.1
mozilla-nss-tools-debuginfo-3.79.2-150400.3.15.1
- openSUSE Leap 15.4 (x86_64):
libfreebl3-32bit-3.79.2-150400.3.15.1
libfreebl3-32bit-debuginfo-3.79.2-150400.3.15.1
libfreebl3-hmac-32bit-3.79.2-150400.3.15.1
libsoftokn3-32bit-3.79.2-150400.3.15.1
libsoftokn3-32bit-debuginfo-3.79.2-150400.3.15.1
libsoftokn3-hmac-32bit-3.79.2-150400.3.15.1
mozilla-nss-32bit-3.79.2-150400.3.15.1
mozilla-nss-32bit-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-certs-32bit-3.79.2-150400.3.15.1
mozilla-nss-certs-32bit-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-sysinit-32bit-3.79.2-150400.3.15.1
mozilla-nss-sysinit-32bit-debuginfo-3.79.2-150400.3.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libfreebl3-3.79.2-150400.3.15.1
libfreebl3-debuginfo-3.79.2-150400.3.15.1
libfreebl3-hmac-3.79.2-150400.3.15.1
libsoftokn3-3.79.2-150400.3.15.1
libsoftokn3-debuginfo-3.79.2-150400.3.15.1
libsoftokn3-hmac-3.79.2-150400.3.15.1
mozilla-nss-3.79.2-150400.3.15.1
mozilla-nss-certs-3.79.2-150400.3.15.1
mozilla-nss-certs-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-debugsource-3.79.2-150400.3.15.1
mozilla-nss-devel-3.79.2-150400.3.15.1
mozilla-nss-sysinit-3.79.2-150400.3.15.1
mozilla-nss-sysinit-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-tools-3.79.2-150400.3.15.1
mozilla-nss-tools-debuginfo-3.79.2-150400.3.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libfreebl3-32bit-3.79.2-150400.3.15.1
libfreebl3-32bit-debuginfo-3.79.2-150400.3.15.1
libfreebl3-hmac-32bit-3.79.2-150400.3.15.1
libsoftokn3-32bit-3.79.2-150400.3.15.1
libsoftokn3-32bit-debuginfo-3.79.2-150400.3.15.1
libsoftokn3-hmac-32bit-3.79.2-150400.3.15.1
mozilla-nss-32bit-3.79.2-150400.3.15.1
mozilla-nss-32bit-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-certs-32bit-3.79.2-150400.3.15.1
mozilla-nss-certs-32bit-debuginfo-3.79.2-150400.3.15.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libfreebl3-3.79.2-150400.3.15.1
libfreebl3-debuginfo-3.79.2-150400.3.15.1
libfreebl3-hmac-3.79.2-150400.3.15.1
libsoftokn3-3.79.2-150400.3.15.1
libsoftokn3-debuginfo-3.79.2-150400.3.15.1
libsoftokn3-hmac-3.79.2-150400.3.15.1
mozilla-nss-3.79.2-150400.3.15.1
mozilla-nss-certs-3.79.2-150400.3.15.1
mozilla-nss-certs-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-debuginfo-3.79.2-150400.3.15.1
mozilla-nss-debugsource-3.79.2-150400.3.15.1
mozilla-nss-tools-3.79.2-150400.3.15.1
mozilla-nss-tools-debuginfo-3.79.2-150400.3.15.1
References:
https://bugzilla.suse.com/1191546
https://bugzilla.suse.com/1198980
https://bugzilla.suse.com/1201298
https://bugzilla.suse.com/1202870
https://bugzilla.suse.com/1204729
More information about the sle-updates
mailing list