SUSE-CU-2022:2965-1: Recommended update of suse/389-ds

sle-updates at lists.suse.com sle-updates at lists.suse.com
Sat Nov 12 08:30:38 UTC 2022


SUSE Container Update Advisory: suse/389-ds
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2965-1
Container Tags        : suse/389-ds:2.0 , suse/389-ds:2.0-17.34 , suse/389-ds:latest
Container Release     : 17.34
Severity              : moderate
Type                  : recommended
References            : 1191546 1198980 1201298 1202870 1204729 
-----------------------------------------------------------------

The container suse/389-ds was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3958-1
Released:    Fri Nov 11 15:20:45 2022
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1191546,1198980,1201298,1202870,1204729
This update for mozilla-nss fixes the following issues:

mozilla-nss was updated to NSS 3.79.2 (bsc#1204729)

* Bump minimum NSPR version to 4.34.1.
* Gracefully handle null nickname in CERT_GetCertNicknameWithValidity.

- FIPS: Allow the use of DSA keys (verification only) (bsc#1201298).
- FIPS: Add sftk_FIPSRepeatIntegrityCheck() to softoken's .def file
  (bsc#1198980).
- FIPS: Allow the use of longer symmetric keys via the service level indicator
  (bsc#1191546).
- FIPS: Export sftk_FIPSRepeatIntegrityCheck() correctly (bsc#1198980).
- FIPS: Prevent sessions from getting flagged as non-FIPS (bsc#1191546).
- FIPS: Mark DSA keygen unapproved (bsc#1191546, bsc#1201298).
- FIPS: Enable userspace entropy gathering via libjitterentropy (bsc#1202870).
- FIPS: Prevent keys from getting flagged as non-FIPS and add remaining TLS mechanisms.
- FIPS: Use libjitterentropy for entropy. 
- FIPS: Fixed an abort() when both NSS_FIPS and /proc FIPS mode are enabled.


The following package changes have been done:

- libfreebl3-3.79.2-150400.3.15.1 updated
- libfreebl3-hmac-3.79.2-150400.3.15.1 updated
- mozilla-nss-certs-3.79.2-150400.3.15.1 updated
- libsoftokn3-3.79.2-150400.3.15.1 updated
- mozilla-nss-3.79.2-150400.3.15.1 updated
- mozilla-nss-tools-3.79.2-150400.3.15.1 updated
- libsoftokn3-hmac-3.79.2-150400.3.15.1 updated


More information about the sle-updates mailing list