SUSE-SU-2022:2533-2

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20222533-2/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2533-2.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2022:2533-2
Related
Published
2022-07-22T15:39:24Z
Modified
2022-07-22T15:39:24Z
Summary
Security update for mozilla-nss
Details

This update for mozilla-nss fixes the following issues:

Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4:

  • Makes the PBKDF known answer test compliant with NIST SP800-132. (bsc#1192079).
  • FIPS: Add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck() (bsc#1198980).
  • FIPS: mark algorithms as approved/non-approved according to security policy (bsc#1191546, bsc#1201298).
  • FIPS: remove hard disabling of unapproved algorithms. This requirement is now fulfilled by the service level indicator (bsc#1200325).
  • Run test suite at build time, and make it pass (bsc#1198486).
  • FIPS: skip algorithms that are hard disabled in FIPS mode.
  • Prevent expired PayPalEE cert from failing the tests.
  • Allow checksumming to be disabled, but only if we entered FIPS mode due to NSS_FIPS being set, not if it came from /proc.
  • FIPS: Make the PBKDF known answer test compliant with NIST SP800-132.
  • Update FIPS validation string to version-release format.
  • FIPS: remove XCBC MAC from list of FIPS approved algorithms.
  • Enable NSSENABLEFIPSINDICATORS and set NSSFIPSMODULEID for build.
  • FIPS: claim 3DES unapproved in FIPS mode (bsc#1192080).
  • FIPS: allow testing of unapproved algorithms (bsc#1192228).
  • FIPS: add version indicators. (bmo#1729550, bsc#1192086).
  • FIPS: fix some secret clearing (bmo#1697303, bsc#1192087).

Version update to NSS 3.79:

  • Use PK11GetSlotInfo instead of raw CGetSlotInfo calls.
  • Update mercurial in clang-format docker image.
  • Use of uninitialized pointer in lg_init after alloc fail.
  • selfserv and tstclnt should use PR_GetPrefLoopbackAddrInfo.
  • Add SECMOD_LockedModuleHasRemovableSlots.
  • Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP.
  • Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts.
  • TLS 1.3 Server: Send protocolversion alert on unsupported ClientHello.legacyversion.
  • Correct invalid record inner and outer content type alerts.
  • NSS does not properly import or export pkcs12 files with large passwords and pkcs5v2 encoding.
  • improve error handling after nssCKFWInstance_CreateObjectHandle.
  • Initialize pointers passed to NSSCMSDigestContextFinishMultiple.
  • NSS 3.79 should depend on NSPR 4.34

Version update to NSS 3.78.1:

  • Initialize pointers passed to NSSCMSDigestContextFinishMultiple

Version update to NSS 3.78:

  • Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length record/fragment handling tests.
  • Reworked overlong record size checks and added TLS1.3 specific boundaries.
  • Add ECH Grease Support to tstclnt
  • Add a strict variant of moz::pkix::CheckCertHostname.
  • Change SSLREUSESERVERECDHEKEY default to false.
  • Make SEC_PKCS12EnableCipher succeed
  • Update zlib in NSS to 1.2.12.

Version update to NSS 3.77:

  • Fix link to TLS page on wireshark wiki
  • Add two D-TRUST 2020 root certificates.
  • Add Telia Root CA v2 root certificate.
  • Remove expired explicitly distrusted certificates from certdata.txt.
  • support specific RSA-PSS parameters in mozilla::pkix
  • Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
  • Remove token member from NSSSlot struct.
  • Provide secure variants of mpppprime and mppmake_prime.
  • Support UTF-8 library path in the module spec string.
  • Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
  • Update googletest to 1.11.0
  • Add SetTls13GreaseEchSize to experimental API.
  • TLS 1.3 Illegal legacy_version handling/alerts.
  • Fix calculation of ECH HRR Transcript.
  • Allow ld path to be set as environment variable.
  • Ensure we don't read uninitialized memory in ssl gtests.
  • Fix DataBuffer Move Assignment.
  • internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3
  • rework signature verification in mozilla::pkix

Version update to NSS 3.76.1

  • Remove token member from NSSSlot struct.
  • Hold tokensLock through nssTokenGetSlot calls in nssTrustDomainGetActiveSlots.
  • Check return value of PK11Slot_GetNSSToken.
  • Use Wycheproof JSON for RSASSA-PSS
  • Add SHA256 fingerprint comments to old certdata.txt entries.
  • Avoid truncating files in nss-release-helper.py.
  • Throw illegal_parameter alert for illegal extensions in handshake message.

Version update to NSS 3.75

  • Make DottedOIDToCode.py compatible with python3.
  • Avoid undefined shift in SSLCERTIS while fuzzing.
  • Remove redundant key type check.
  • Update ABI expectations to match ECH changes.
  • Enable CKM_CHACHA20.
  • check return on NSSNoDBInit and NSS_Shutdown.
  • Run ECDSA test vectors from bltest as part of the CI tests.
  • Add ECDSA test vectors to the bltest command line tool.
  • Allow to build using clang's integrated assembler.
  • Allow to override python for the build.
  • test HKDF output rather than input.
  • Use ASSERT macros to end failed tests early.
  • move assignment operator for DataBuffer.
  • Add test cases for ECH compression and unexpected extensions in SH.
  • Update tests for ECH-13.
  • Tidy up error handling.
  • Add tests for ECH HRR Changes.
  • Server only sends GREASE HRR extension if enabled by preference.
  • Update generation of the Associated Data for ECH-13.
  • When ECH is accepted, reject extensions which were only advertised in the Outer Client Hello.
  • Allow for compressed, non-contiguous, extensions.
  • Scramble the PSK extension in CHOuter.
  • Split custom extension handling for ECH.
  • Add ECH-13 HRR Handling.
  • Client side ECH padding.
  • Stricter ClientHelloInner Decompression.
  • Remove ECH_inner extension, use new enum format.
  • Update the version number for ECH-13 and adjust the ECHConfig size.

Version update to NSS 3.74

  • mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
  • Ensure clients offer consistent ciphersuites after HRR
  • NSS does not properly restrict server keys based on policy
  • Set nssckbi version number to 2.54
  • Replace Google Trust Services LLC (GTS) R4 root certificate
  • Replace Google Trust Services LLC (GTS) R3 root certificate
  • Replace Google Trust Services LLC (GTS) R2 root certificate
  • Replace Google Trust Services LLC (GTS) R1 root certificate
  • Replace GlobalSign ECC Root CA R4
  • Remove Expired Root Certificates - DST Root CA X3
  • Remove Expiring Cybertrust Global Root and GlobalSign root certificates
  • Add renewed Autoridad de Certificacion Firmaprofesional CIF A62634068 root certificate
  • Add iTrusChina ECC root certificate
  • Add iTrusChina RSA root certificate
  • Add ISRG Root X2 root certificate
  • Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
  • Avoid a clang 13 unused variable warning in opt build
  • Check for missing signedData field
  • Ensure DER encoded signatures are within size limits

  • enable key logging option (boo#1195040)

Version update to NSS 3.73.1:

  • Add SHA-2 support to mozilla::pkix's OSCP implementation

Version update to NSS 3.73

  • check for missing signedData field.
  • Ensure DER encoded signatures are within size limits.
  • NSS needs FiPS 140-3 version indicators.
  • pkixCacheCertLookup doesn't return cached certs
  • sunset Coverity from NSS

Fixed MFSA 2021-51 (bsc#1193170) CVE-2021-43527: Memory corruption via DER-encoded DSA and RSA-PSS signatures

Version update to NSS 3.72

  • Fix nsinstall parallel failure.
  • Increase KDF cache size to mitigate perf regression in about:logins

Version update to NSS 3.71

  • Set nssckbi version number to 2.52.
  • Respect server requirements of tlsfuzzer/test-tls13-signature-algorithms.py
  • Import of PKCS#12 files with Camellia encryption is not supported
  • Add HARICA Client ECC Root CA 2021.
  • Add HARICA Client RSA Root CA 2021.
  • Add HARICA TLS ECC Root CA 2021.
  • Add HARICA TLS RSA Root CA 2021.
  • Add TunTrust Root CA certificate to NSS.

Version update to NSS 3.70

  • Update test case to verify fix.
  • Explicitly disable downgrade check in TlsConnectStreamTls13.EchOuterWith12Max
  • Explicitly disable downgrade check in TlsConnectTest.DisableFalseStartOnFallback
  • Avoid using a lookup table in nssb64d.
  • Use HW accelerated SHA2 on AArch64 Big Endian.
  • Change default value of enableHelloDowngradeCheck to true.
  • Cache additional PBE entries.
  • Read HPKE vectors from official JSON.

Version update to NSS 3.69.1:

  • Disable DTLS 1.0 and 1.1 by default
  • integrity checks in key4.db not happening on private components with AES_CBC

NSS 3.69:

  • Disable DTLS 1.0 and 1.1 by default (backed out again)
  • integrity checks in key4.db not happening on private components with AES_CBC (backed out again)
  • SSL handling of signature algorithms ignores environmental invalid algorithms.
  • sqlite 3.34 changed it's open semantics, causing nss failures.
  • Gtest update changed the gtest reports, losing gtest details in all.sh reports.
  • NSS incorrectly accepting 1536 bit DH primes in FIPS mode
  • SQLite calls could timeout in starvation situations.
  • Coverity/cpp scanner errors found in nss 3.67
  • Import the NSS documentation from MDN in nss/doc.
  • NSS using a tempdir to measure sql performance not active

Version Update to 3.68.4 (bsc#1200027)

  • CVE-2022-31741: Initialize pointers passed to NSSCMSDigestContextFinishMultiple. (bmo#1767590)

Mozilla NSPR was updated to version 4.34:

  • add an API that returns a preferred loopback IP on hosts that have two IP stacks available.
References

Affected packages

openSUSE:Leap Micro 5.2 / mozilla-nspr

Package

Name
mozilla-nspr
Purl
purl:rpm/suse/mozilla-nspr&distro=openSUSE%20Leap%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.34-150000.3.23.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-150000.3.74.1",
            "mozilla-nss": "3.79-150000.3.74.1",
            "mozilla-nss-certs": "3.79-150000.3.74.1",
            "mozilla-nss-tools": "3.79-150000.3.74.1",
            "libsoftokn3": "3.79-150000.3.74.1",
            "libfreebl3-hmac": "3.79-150000.3.74.1",
            "libfreebl3": "3.79-150000.3.74.1",
            "mozilla-nspr": "4.34-150000.3.23.1"
        }
    ]
}

openSUSE:Leap Micro 5.2 / mozilla-nss

Package

Name
mozilla-nss
Purl
purl:rpm/suse/mozilla-nss&distro=openSUSE%20Leap%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.79-150000.3.74.1

Ecosystem specific

{
    "binaries": [
        {
            "libsoftokn3-hmac": "3.79-150000.3.74.1",
            "mozilla-nss": "3.79-150000.3.74.1",
            "mozilla-nss-certs": "3.79-150000.3.74.1",
            "mozilla-nss-tools": "3.79-150000.3.74.1",
            "libsoftokn3": "3.79-150000.3.74.1",
            "libfreebl3-hmac": "3.79-150000.3.74.1",
            "libfreebl3": "3.79-150000.3.74.1",
            "mozilla-nspr": "4.34-150000.3.23.1"
        }
    ]
}