First published: Wed Apr 01 2020(Updated: )
The nss-softokn package provides the Network Security Services Softoken Cryptographic Module.<br>Security Fix(es):<br><li> nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)</li> <li> ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/nss-softokn | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-debuginfo | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-debuginfo | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-devel | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-devel | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-freebl | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-freebl | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-freebl-devel | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-freebl-devel | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-debuginfo | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-devel | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-freebl | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
redhat/nss-softokn-freebl-devel | <3.36.0-6.el7_5 | 3.36.0-6.el7_5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.