Download
| Alert*
oval:org.secpod.oval:def:1600940
A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack. oval:org.secpod.oval:def:89002575 This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in MozillaFirefox: - Update to Firefox ESR 60.4 - CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 - CVE-2018-18492: Fixed a use-after-free with ... oval:org.secpod.oval:def:204877 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello For more details about the security issue, including ... oval:org.secpod.oval:def:204887 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello For more details about the security issue, including ... oval:org.secpod.oval:def:704432 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:115114 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security stan ... oval:org.secpod.oval:def:502370 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello For more details about the security issue, including ... oval:org.secpod.oval:def:115111 Utilities for Network Security Services and the Softoken module oval:org.secpod.oval:def:115067 Utilities for Network Security Services and the Softoken module oval:org.secpod.oval:def:115110 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:115113 Network Security Services Softoken Cryptographic Module oval:org.secpod.oval:def:51186 nss: Network Security Service library Several security issues were fixed in NSS. oval:org.secpod.oval:def:502363 Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello For more details about the security issue, including ... oval:org.secpod.oval:def:115073 Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security stan ... oval:org.secpod.oval:def:115075 Network Security Services Softoken Cryptographic Module oval:org.secpod.oval:def:1502331 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502322 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:115090 NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management and shared library linking. oval:org.secpod.oval:def:89049682 This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in MozillaFirefox: - Update to Firefox ESR 60.4 - CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 - CVE-2018-18492: Fixed a use-after-free with ... oval:org.secpod.oval:def:1700087 A flaw was found in the way NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. A man-in-the-middle attacker could use this flaw in a passive replay attack. |