Versions mentioned in the description apply to the upstream
Remediation section below for
Centos:7 relevant versions.
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * FTBFS: Paypal Cert expired (BZ#1883973) * FTBFS: IKE CLASS_1563 fails gtest (BZ#1884793) * Cannot compile code with nss headers and -Werror=strict-prototypes (BZ#1885321) * CA HSM ncipher token disabled after RHEL-7.9 update (BZ#1932193)
nss-tools to version 0:3.53.1-7.el7_9 or higher.