FortiClient Vulnerability

RedHat nss CVE-2020-25648 Denial of Service Vulnerability

Description

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): FTBFS: Paypal Cert expired (BZ#1883973) FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193) FTBFS: Paypal Cert expired (BZ#1883973) FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193) SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258 After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.