Synopsis: Important: nss, nss-softokn, nss-util security update Advisory ID: SLSA-2019:4190-1 Issue Date: 2019-12-10 CVE Numbers: None -- Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745) * nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729) -- SL7 x86_64 nss-3.44.0-7.el7_7.i686.rpm nss-3.44.0-7.el7_7.x86_64.rpm nss-debuginfo-3.44.0-7.el7_7.i686.rpm nss-debuginfo-3.44.0-7.el7_7.x86_64.rpm nss-softokn-3.44.0-8.el7_7.i686.rpm nss-softokn-3.44.0-8.el7_7.x86_64.rpm nss-softokn-debuginfo-3.44.0-8.el7_7.i686.rpm nss-softokn-debuginfo-3.44.0-8.el7_7.x86_64.rpm nss-softokn-freebl-3.44.0-8.el7_7.i686.rpm nss-softokn-freebl-3.44.0-8.el7_7.x86_64.rpm nss-sysinit-3.44.0-7.el7_7.x86_64.rpm nss-tools-3.44.0-7.el7_7.x86_64.rpm nss-util-3.44.0-4.el7_7.i686.rpm nss-util-3.44.0-4.el7_7.x86_64.rpm nss-util-debuginfo-3.44.0-4.el7_7.i686.rpm nss-util-debuginfo-3.44.0-4.el7_7.x86_64.rpm nss-devel-3.44.0-7.el7_7.i686.rpm nss-devel-3.44.0-7.el7_7.x86_64.rpm nss-pkcs11-devel-3.44.0-7.el7_7.i686.rpm nss-pkcs11-devel-3.44.0-7.el7_7.x86_64.rpm nss-softokn-devel-3.44.0-8.el7_7.i686.rpm nss-softokn-devel-3.44.0-8.el7_7.x86_64.rpm nss-softokn-freebl-devel-3.44.0-8.el7_7.i686.rpm nss-softokn-freebl-devel-3.44.0-8.el7_7.x86_64.rpm nss-util-devel-3.44.0-4.el7_7.i686.rpm nss-util-devel-3.44.0-4.el7_7.x86_64.rpm - Scientific Linux Development Team