NS-SA-2021-0053
2021-03-09 14:27:07
简介
important: glibc/nss security update
严重级别
important
主题
An update for glibc/nss is now available for NewStart CGSL MAIN 6.02.
NewStart Security has rated this update as having a security impact of important. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
详细描述
glibc: The glibc-langpack-dv package includes the basic information required to support the dv language in your applications.
nss: This package provides debug sources for package nss. Debug sources are useful when developing applications that use this package or when debugging this package.
Security Fix(es):
glibc: The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input.(CVE-2016-6261)
glibc: The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data.(CVE-2016-6263)
glibc: A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.(CVE-2017-1000408)
glibc: A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.(CVE-2017-1000409)
glibc: Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.(CVE-2017-14062)
glibc: The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string.(CVE-2017-15670)
glibc: The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.(CVE-2017-15804)
glibc: elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.(CVE-2017-16997)
glibc: The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.(CVE-2017-17426)
glibc: An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.(CVE-2017-18269)
glibc: In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.(CVE-2018-1000001)
glibc: stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.(CVE-2018-11236)
glibc: A buffer overflow has been discovered in the GNU C Library (aka glibc or libc6) in the __mempcpy_avx512_no_vzeroupper function when particular conditions are met. An attacker could use this vulnerability to cause a denial of service or potentially execute code.(CVE-2018-11237)
glibc: In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.(CVE-2018-19591)
glibc: In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.(CVE-2019-9169)
glibc: A flaw was found in glibc in versions prior to 2.32. Pseudo-zero values are not validated causing a stack corruption due to a stack-based overflow. The highest threat from this vulnerability is to system availability.(CVE-2020-10029)
glibc: bugfix
nss: A use-after-free flaw was found in Mozilla Network Security Services (NSS) related to PK11 session handling. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled with NSS.(CVE-2019-11756)
nss: A vulnerability was discovered in nss where input text length was not checked when using certain cryptographic primitives. This could lead to a heap-buffer overflow resulting in a crash and data leak. The highest threat is to confidentiality and integrity of data as well as system availability.(CVE-2019-17006)
nss: A protocol downgrade flaw was found in Network Security Services (NSS). After a HelloRetryRequest has been sent, the client may negotiate a lower protocol than TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored.(CVE-2019-17023)
nss: A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality.(CVE-2020-12402)
nss: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.02.40B4.
影响组件
影响产品
更新包
{"fix":[{"product":"CGSL MAIN 6.02","pkgs":[{"binary":["glibc-langpack-sgs-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ta-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mg-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sid-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ff-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-gez-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-xh-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-debuginfo-common-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-pa-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-gv-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-cv-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sv-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-lzh-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sw-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-uk-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-doi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-cmn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tpi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ug-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-da-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-yue-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-static-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ber-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-lij-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ve-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-shn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-zh-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sm-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mfe-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ar-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ga-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ks-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ru-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","libnsl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ht-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-cy-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-br-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bs-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-nss-devel-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nso-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-lg-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-el-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mt-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-agr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bem-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sah-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-km-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-fa-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-fur-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mai-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ca-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-kl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-iu-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-devel-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-gu-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-common-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tt-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mni-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tk-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-gl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-eu-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bo-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tg-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ku-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ce-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-pt-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ss-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-dz-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-be-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-locale-source-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-shs-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-benchtests-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-am-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-te-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-gd-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-headers-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ky-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-kw-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-fo-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-af-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ro-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-wa-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ig-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-miq-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-wo-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-de-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hy-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ia-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sd-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-byn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-so-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-kn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mhr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sat-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-id-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-pl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-lt-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-dsb-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-om-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-an-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-kab-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mag-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","nscd-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","nss_db-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ik-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-as-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-fr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sa-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-wal-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-zu-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-lo-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ka-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-th-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hif-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mk-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-yo-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hak-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-minimal-langpack-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-si-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-debuginfo-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-vi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-all-langpacks-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hu-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-csb-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-eo-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nb-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-li-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-kk-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-szl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-my-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-wae-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hsb-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ts-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-chr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ja-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-fy-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tl-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-oc-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-niu-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-lb-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ur-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mjw-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","nss_hesiod-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ast-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ne-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ha-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bho-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nhn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-it-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-quz-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nan-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hne-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-et-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-kok-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-raj-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-fil-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-fi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ms-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bg-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sk-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ak-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-lv-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-dv-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ln-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-hr-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-az-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-or-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-pap-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ayc-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-crh-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-yuw-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-os-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ko-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-rw-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-st-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-uz-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-the-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ti-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-se-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-en-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tig-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tcy-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-es-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sq-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-yi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-anp-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-unm-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-brx-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-tn-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ps-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-cs-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-aa-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-is-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-bhb-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-mi-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-he-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-nds-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-sc-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-ml-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-langpack-to-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","glibc-utils-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm","compat-libpthread-nonshared-2.28-101.el8.cgslv6_2.0.2.g1504d257.x86_64.rpm"],"source":"glibc-2.28-101.el8.cgslv6_2.0.2.g1504d257.src.rpm"},{"binary":["nss-pkcs11-devel-3.53.1-11.el8_2.x86_64.rpm","nss-debuginfo-3.53.1-11.el8_2.x86_64.rpm","nss-softokn-debuginfo-3.53.1-11.el8_2.x86_64.rpm","nss-util-debuginfo-3.53.1-11.el8_2.x86_64.rpm","nss-softokn-freebl-debuginfo-3.53.1-11.el8_2.x86_64.rpm","nss-sysinit-debuginfo-3.53.1-11.el8_2.x86_64.rpm","nss-debugsource-3.53.1-11.el8_2.x86_64.rpm","nss-tools-debuginfo-3.53.1-11.el8_2.x86_64.rpm","nss-util-devel-3.53.1-11.el8_2.x86_64.rpm","nss-softokn-freebl-3.53.1-11.el8_2.x86_64.rpm","nss-devel-3.53.1-11.el8_2.x86_64.rpm","nss-softokn-freebl-devel-3.53.1-11.el8_2.x86_64.rpm","nss-3.53.1-11.el8_2.x86_64.rpm","nss-sysinit-3.53.1-11.el8_2.x86_64.rpm","nss-util-3.53.1-11.el8_2.x86_64.rpm","nss-tools-3.53.1-11.el8_2.x86_64.rpm","nss-softokn-devel-3.53.1-11.el8_2.x86_64.rpm","nss-softokn-3.53.1-11.el8_2.x86_64.rpm"],"source":"nss-3.53.1-11.el8_2.src.rpm"}]}]}
CVE
参考