RHSA-2023:1368-01 -- Redhat nss, nsprID: oval:org.secpod.oval:def:507583 | Date: (C)2023-04-06 (M)2024-03-27 |
Class: PATCH | Family: unix |
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix: * nss: Arbitrary memory write via PKCS 12 Bug Fix: * In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. * Need to update FIPS review comments into NSS RHEL-9. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 9 |