| Summary: | nss new security issue CVE-2018-12404 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, herman.viaene, lewyssmith, mageia, sysadmin-bugs |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6-32-OK MGA6-64-OK | ||
| Source RPM: | nss-3.36.5-1.2.mga6.src.rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | |||
| Bug Blocks: | 23706, 23991 | ||
|
Description
David Walser
2018-12-08 18:36:03 CET
Installed and tested without issues.
Tested with firefox. Checked with strace to confirm libs were used.
System: Mageia 6, x86_64, Firefox, Plasma, LXQt, Intel CPU, nVidia GPU using nvidia340 proprietary driver.
$ uname -a
Linux marte 4.14.78-desktop-1.mga6 #1 SMP Sun Oct 21 20:31:12 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -q firefox
firefox-60.3.0-1.mga6
$ strace -o tmp/strace.log /usr/bin/firefox
<SNIP>
$ egrep -o 'open\("[^"]*"' tmp/strace.log | egrep -o '".*"' | egrep -o '[^"]*' | sort -u > tmp/strace_files.log
$ rpm -ql $(rpm -qa | egrep 'nss.*3.36|rootcert' | sort) > tmp/rpm_files.log
$ for U in $(cat tmp/strace_files.log) ; do grep "$U" tmp/rpm_files.log ; done
/usr/lib64/libfreeblpriv3.so
/usr/lib64/libnss3.so
/usr/lib64/libnssutil3.so
/usr/lib64/libsmime3.so
/usr/lib64/libsoftokn3.so
/usr/lib64/libssl3.soCC:
(none) =>
mageia
David Walser
2018-12-11 04:12:22 CET
Blocks:
(none) =>
23991
Nicolas Salguero
2018-12-11 09:47:50 CET
Blocks:
(none) =>
23706 on mga6-64 plasma packages installed cleanly: rootcerts-20181108.00-1.mga6.noarch rootcerts-java-20181108.00-1.mga6.noarch lib64nss3-3.36.6-1.mga6.x86_64 nss-3.36.6-1.mga6.x86_64 no regressions observed looks OK for mga6-64 MGA6-32 MATE on IBM Thinkpad R50e No installation issues. Installed cleanly, further tested by installation of Firefox update bug 23991 (which is dependent on this version of nss). Whiteboard:
(none) =>
MGA6-32-OK (In reply to Herman Viaene from comment #3) > MGA6-32 MATE on IBM Thinkpad R50e > No installation issues. > Installed cleanly, further tested by installation of Firefox update bug > 23991 (which is dependent on this version of nss). Did the same on a 64-bit Plasma install on a Probook 6550b, updating Firefox and Thunderbird at the same time. Used QA Repo for the task, being careful to add "64" to library names where appropriate when entering the package list. All packages installed cleanly. Looks good here on 64-bit. Validating. Advisory in Description. Whiteboard:
MGA6-32-OK =>
MGA6-32-OK MGA6-64-OK An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0482.html Resolution:
(none) =>
FIXED |