Tavis Ormandy discovered that nss, the Mozilla Network Security Service
library, is prone to a heap overflow flaw when verifying DSA or RSA-PSS
signatures, which could result in denial of service or potentially the
execution of arbitrary code.
For the oldstable distribution (buster), this problem has been fixed
in version 2:3421-1+deb10u4.
For th ...
Synopsis
Important: OpenShift Virtualization 4110 Images security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4110 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a secur ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 12 (GitOps v122). Re ...
Synopsis
Important: OpenShift Container Platform 4110 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4110 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Co ...
NSS (Network Security Services) up to and including 373 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL ...
Mozilla Foundation Security Advisory 2021-51
Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures
Announced
December 1, 2021
Impact
critical
Products
NSS
Fixed in
NSS 3681
...
A remote code execution flaw was found in the way NSS verifies certificates. This flaw allows an attacker posing as an SSL/TLS server to trigger this issue in a client application compiled with NSS when it tries to initiate an SSL/TLS connection. Similarly, a server application compiled with NSS, which processes client certificates, can receive a ...
NSS (Network Security Services) versions prior to 373 are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL fu ...
LTS-96 has been updated in the LTS channel to 9604664208 (Platform Version: 14268830) for most ChromeOS devices. This update contains multiple Security fixes, including: 1278608 High CVE-2021-43527 Security: CA certificate import exploitable with lar ...
LTS-96 has been updated in the LTS channel to 9604664209 (Platform Version: 14268840) for most ChromeOS devices. This update contains multiple Security fixes, including: 1316946 High CVE-2022-1638 [v8] Integer overflow leading to OOB/CHECK in icu_71: ...
ALAS-2022-223
Amazon Linux 2022 Security Advisory: ALAS-2022-223
Advisory Release Date: 2022-12-06 16:42 Pacific
...
NSS (Network Security Services) up to and including 373 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL ...
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS ...