Описание
ELSA-2013-1135: nss and nspr security, bug fix, and enhancement update (MODERATE)
nspr [4.9.2-4]
- Resolves: rhbz#924741 - Rebase to nspr-4.9.5
nss [3.14.3-6]
- Resolves: rhbz#986969 - nssutil_ReadSecmodDB() leaks memory
[3.14.3-5]
- Define -DNO_FORK_CHECK when compiling softoken for ABI compatibility
- Remove the unused and obsolete nss-nochktest.patch
- Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue
[3.14.3-4]
- Fix rpmdiff test reported failures and remove other unwanted changes
- Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue
[3.14.3-3]
- Update to NSS_3_14_3_RTM
- Rework the rebase to preserve needed idiosynchracies
- Ensure we install frebl/softoken from the extra build tree
- Don't include freebl static library or its private headers
- Add patch to deal with system sqlite not being recent enough
- Don't install nss-sysinit nor sharedb
- Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue
[3.14.3-2]
- Restore the freebl-softoken source tar ball updated to 3.14.3
- Renumbering of some sources for clarity
- Resolves: rhbz#918870 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue
[3.14.3-1]
- Update to NSS_3_14_3_RTM
- Resolves: rhbz#918870 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
nspr
4.9.5-1.el5_9
nspr-devel
4.9.5-1.el5_9
nss
3.14.3-6.el5_9
nss-devel
3.14.3-6.el5_9
nss-pkcs11-devel
3.14.3-6.el5_9
nss-tools
3.14.3-6.el5_9
Oracle Linux x86_64
nspr
4.9.5-1.el5_9
nspr-devel
4.9.5-1.el5_9
nss
3.14.3-6.el5_9
nss-devel
3.14.3-6.el5_9
nss-pkcs11-devel
3.14.3-6.el5_9
nss-tools
3.14.3-6.el5_9
Oracle Linux i386
nspr
4.9.5-1.el5_9
nspr-devel
4.9.5-1.el5_9
nss
3.14.3-6.el5_9
nss-devel
3.14.3-6.el5_9
nss-pkcs11-devel
3.14.3-6.el5_9
nss-tools
3.14.3-6.el5_9
Связанные CVE
Связанные уязвимости
ELSA-2013-1144: nss, nss-util, nss-softokn, and nspr security update (MODERATE)
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
The TLS implementation in Mozilla Network Security Services (NSS) does ...