[CLSA-2021:1638804170] Fix of CVE: CVE-2021-43527
Type:
security
Severity:
moderate
Release date:
2021-12-06
Description:
- CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) - Update to CKBI 2.50 from NSS 3.67 - Removing: - # Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - # Certificate "AddTrust Low-Value Services Root" - # Certificate "AddTrust External Root" - # Certificate "GeoTrust Global CA" - # Certificate "GeoTrust Universal CA" - # Certificate "GeoTrust Universal CA 2" - # Certificate "QuoVadis Root CA" - # Certificate "Sonera Class 2 Root CA" - # Certificate "UTN USERFirst Email Root CA" - # Certificate "Taiwan GRCA" - # Certificate "Certplus Class 2 Primary CA" - # Certificate "GeoTrust Primary Certification Authority" - # Certificate "thawte Primary Root CA" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G5" - # Certificate "Deutsche Telekom Root CA 2" - # Certificate "GeoTrust Primary Certification Authority - G3" - # Certificate "thawte Primary Root CA - G2" - # Certificate "thawte Primary Root CA - G3" - # Certificate "GeoTrust Primary Certification Authority - G2" - # Certificate "VeriSign Universal Root Certification Authority" - # Certificate "VeriSign Class 3 Public Primary Certification Authority - G4" - # Certificate "Staat der Nederlanden Root CA - G2" - # Certificate "Trustis FPS Root CA" - # Certificate "EE Certification Centre Root CA" - # Certificate "Swisscom Root CA 2" - # Certificate "Certinomis - Root CA" - # Certificate "LuxTrust Global Root 2" - # Certificate "Symantec Class 1 Public Primary Certification Authority - G4" - # Certificate "Symantec Class 2 Public Primary Certification Authority - G4" - Adding: - # Certificate "Entrust Root Certification Authority - G4" - # Certificate "Microsoft ECC Root Certificate Authority 2017" - # Certificate "Microsoft RSA Root Certificate Authority 2017" - # Certificate "e-Szigno Root CA 2017" - # Certificate "certSIGN Root CA G2" - # Certificate "Trustwave Global Certification Authority" - # Certificate "Trustwave Global ECC P256 Certification Authority" - # Certificate "Trustwave Global ECC P384 Certification Authority" - # Certificate "NAVER Global Root Certification Authority" - # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" - # Certificate "GlobalSign Secure Mail Root R45" - # Certificate "GlobalSign Secure Mail Root E45" - # Certificate "GlobalSign Root R46" - # Certificate "GlobalSign Root E46" - # Certificate "GLOBALTRUST 2020" - # Certificate "ANF Secure Server Root CA" - # Certificate "Certum EC-384 CA" - # Certificate "Certum Trusted Root CA" - revert last change. Patch was for nss-softokn - Fix out-of-bounds write in NSC_EncryptUpdate (#1775909)
Updated packages:
  • nss-devel-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
    sha:845f422b1bfe4691e5e3d088b59513d3848b0715
  • nss-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
    sha:1a6ba4bb96830e696301c987f5a6f69ff43812e4
  • nss-3.44.0-12.el6.tuxcare.els1.i686.rpm
    sha:3964369baa0d10a4f62ecf136734b24e933ad805
  • nss-sysinit-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
    sha:4eaf3c2963b894549470e8f936891205b4310e74
  • nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
    sha:f4b63df099704f8beafdee88a63f1bdec1656789
  • nss-devel-3.44.0-12.el6.tuxcare.els1.i686.rpm
    sha:207e2f80c1cb5bbbcd84277a44d165b7b8bd7557
  • nss-tools-3.44.0-12.el6.tuxcare.els1.x86_64.rpm
    sha:463b86312939b8e149550ace7d979c0810078961
  • nss-pkcs11-devel-3.44.0-12.el6.tuxcare.els1.i686.rpm
    sha:f85731a10e60bb6b7b17bef2f3c7662f84150c72
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.