Описание
ELSA-2012-1090: nss and nspr security, bug fix, and enhancement update (MODERATE)
nspr [4.9.1-4]
- Resolves: rhbz#834219 - Fix postinstall scriptlet failures
- Fix %post and %postun lines per packaging guidelines
- Updated License: to MPLv2.0 per upstream
[4.9.1-3]
- Resolves: rhbz#834219 - Ensure nspr-config.in changes get applied
[4.9.1-2]
- Resolves: rhbz#834219 - restore top section of nspr-config-pc.patch
- Needed to prevent multilib regressions
nss [3.13.5-4.0.1.el5_8 ]
- Update clean.gif in the tarball
[3.13.5-4]
- Related: rhbz#834219 - Fix ia64 / i386 multilib nss install failure
- Remove no longer needed %pre and %preun scriplets meant for nss updates from RHEL-5.0
[3.13.5-3]
- Resolves: rhbz#834219 - Fix the changes to the %post line
- Having multiple commands requires that /sbin/lconfig be the beginning of the scriptlet
[3.13.5-2]
- Resolves: rhbz#834219 - Fix multilib and scriptlet problems
- Fix %post and %postun lines per packaging guildelines
- Add %{?_isa} to tools Requires: per packaging guidelines
- Fix explicit-lib-dependency zlib error reported by rpmlint
[3.13.5-1]
- Resolves: rhbz#834219 - Update RHEL 5.x to NSS 3.13.5 and NSPR 4.9.1 for Mozilla 10.0.6
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
nspr
4.9.1-4.el5_8
nspr-devel
4.9.1-4.el5_8
nss
3.13.5-4.0.1.el5_8
nss-devel
3.13.5-4.0.1.el5_8
nss-pkcs11-devel
3.13.5-4.0.1.el5_8
nss-tools
3.13.5-4.0.1.el5_8
Oracle Linux x86_64
nspr
4.9.1-4.el5_8
nspr-devel
4.9.1-4.el5_8
nss
3.13.5-4.0.1.el5_8
nss-devel
3.13.5-4.0.1.el5_8
nss-pkcs11-devel
3.13.5-4.0.1.el5_8
nss-tools
3.13.5-4.0.1.el5_8
Oracle Linux i386
nspr
4.9.1-4.el5_8
nspr-devel
4.9.1-4.el5_8
nss
3.13.5-4.0.1.el5_8
nss-devel
3.13.5-4.0.1.el5_8
nss-pkcs11-devel
3.13.5-4.0.1.el5_8
nss-tools
3.13.5-4.0.1.el5_8
Связанные CVE
Связанные уязвимости
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security ...
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.