CESA-2019:4190 -- centos 7 nssID: oval:org.secpod.oval:def:205416 | Date: (C)2020-01-09 (M)2024-04-17 |
Class: PATCH | Family: unix |
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services libraries. Security Fix: * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.