ELSA-2013-1829

Опубликовано: 12 дек. 2013

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2013-1829: nss, nspr, and nss-util security update (IMPORTANT)

nspr [4.10.0-2]

Rebase to nspr-4.10.2
Resolves: rhbz#1032485 - CVE-2013-5607 (MFSA 2013-103) Avoid unsigned integer wrapping in PL_ArenaAllocate (MFSA 2013-103)

nss [3.15.3-2.0.1]

Added nss-vendor.patch to change vendor

[3.15.3-2]

Enable patch with fix for deadlock in trust domain lock and object lock
Resolves: Bug 1036477 - deadlock in trust domain lock and object lock
Disable hw gcm on rhel-5 based build environments where OS lacks support
Rollback changes to build nss without softokn until Bug 689919 is approved
Cipher suite was run as part of the nss-softokn build

[3.15.3-1]

Update to NSS_3_15_3_RTM
Resolves: Bug 1032470 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741

nss-util [3.15.3-1]

Update to NSS_3_15_3_RTM
Resolves: rhbz#1032470 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

nspr

4.10.2-1.el6_5

nspr-devel

4.10.2-1.el6_5

nss

3.15.3-2.0.1.el6_5

nss-devel

3.15.3-2.0.1.el6_5

nss-pkcs11-devel

3.15.3-2.0.1.el6_5

nss-sysinit

3.15.3-2.0.1.el6_5

nss-tools

3.15.3-2.0.1.el6_5

nss-util

3.15.3-1.el6_5

nss-util-devel

3.15.3-1.el6_5

Oracle Linux i686

nspr

4.10.2-1.el6_5

nspr-devel

4.10.2-1.el6_5

nss

3.15.3-2.0.1.el6_5

nss-devel

3.15.3-2.0.1.el6_5

nss-pkcs11-devel

3.15.3-2.0.1.el6_5

nss-sysinit

3.15.3-2.0.1.el6_5

nss-tools

3.15.3-2.0.1.el6_5

nss-util

3.15.3-1.el6_5

nss-util-devel

3.15.3-1.el6_5

Связанные CVE

Ссылки на источники

Связанные уязвимости

ELSA-2013-1791

oracle-oval

почти 12 лет назад

ELSA-2013-1791: nss and nspr security, bug fix, and enhancement update (IMPORTANT)

CVE-2013-1741

ubuntu

почти 12 лет назад

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.

CVE-2013-1741

redhat

почти 12 лет назад

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.

CVE-2013-1741

nvd

почти 12 лет назад

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.

CVE-2013-1741

debian

почти 12 лет назад

Integer overflow in Mozilla Network Security Services (NSS) 3.15 befor ...