![]() See How to fix? for Centos:7 relevant fixed versions and status. Note: Versions mentioned in the description apply only to the upstream nss-tools package and not the nss-tools package as distributed by Centos. Upgrade Centos:7 nss-sysinit to version 0:3.67.0-4.el7_9 or higher. Note: Versions mentioned in the description apply only to the upstream nss-sysinit package and not the nss-sysinit package as distributed by Centos. ![]() Upgrade Centos:7 nss to version 0:3.67.0-4.el7_9 or higher. ![]() This vulnerability affects NSS < 3.73 and NSS < 3.68.1. However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. Note: This vulnerability does NOT impact Mozilla Firefox. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. ![]() Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Note: Versions mentioned in the description apply only to the upstream nss package and not the nss package as distributed by Centos. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |