Detections
Analytics

SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 7747)

high Nessus Plugin ID 56611

Language:

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

This update updates Mozilla NSS to 3.12.11.

The update marks the compromised DigiNotar Certificate Authority as untrusted

For more information read :

 - * update to 3.12.10 o root CA changes o filter certain bogus certs (bmo#642815) o fix minor memory leaks o other bugfixes. (MFSA 2011-34)

 - update to 3.12.9 o fix minor memory leaks (bmo#619268) o fix crash in nss_cms_decoder_work_data (bmo#607058) o fix crash in certutil (bmo#620908) o handle invalid argument in JPAKE (bmo#609068) o J-PAKE support (API requirement for Firefox >= 4.0b8)

 - replaced expired PayPal test certificate (fixing testsuite)

 - removed DigiNotar root certifiate from trusted db (bmo#682927) This update also brings the prerequired Mozilla NSPR to version 4.8.9.

 - update to 4.8.9

 - update to 4.8.8 o support IPv6 on Android (bmo#626866) o use AI_ADDRCONFIG for loopback hostnames (bmo#614526) o support SDP sockets (bmo#518078) o support m32r architecture (bmo#635667) o use atomic functions on ARM (bmo#626309) o some other fixes not affecting the Linux platform

Solution

Apply ZYPP patch number 7747.

See Also

https://www.mozilla.org/en-US/security/advisories/mfsa2011-34/

Plugin Details

Severity: High

ID: 56611

File Name: suse_nss-31211-7747.nasl

Version: 1.9

Type: local

Agent: unix

Published: 10/24/2011

Updated: 1/19/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 9/7/2011

Vulnerability Publication Date: 9/7/2011