Overview

File _patchinfo of Package patchinfo.15292

<patchinfo incident="15292">
  <issue tracker="cve" id="2019-17006"/>
  <issue tracker="cve" id="2020-12399"/>
  <issue tracker="bnc" id="1171978">VUL-0: CVE-2020-12399: mozilla-nss: Timing attack on DSA signature generation</issue>
  <issue tracker="bnc" id="1159819">VUL-0: CVE-2019-17006: mozilla-nss: nss: Check length of inputs for cryptographic primitives</issue>
  <issue tracker="bnc" id="1169746">GCC 10: mozilla-nss build fails on i586</issue>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for mozilla-nspr, mozilla-nss</summary>
  <description>This update for mozilla-nspr, mozilla-nss fixes the following issues:

mozilla-nss was updated to version 3.53

- CVE-2020-12399: Fixed a timing attack on DSA signature generation (bsc#1171978).
- CVE-2019-17006: Added length checks for cryptographic primitives (bsc#1159819).
Release notes: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53_release_notes

mozilla-nspr to version 4.25
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places