Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2014-0917

Опубликовано: 22 июл. 2014
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2014-0917: nss and nspr security, bug fix, and enhancement update (CRITICAL)

nspr [4.10.6-1]

  • Rebase to nspr-4.10.6
  • Resolves: rhbz#1112135

nss [3.16.1-4.0.1.el6_5]

  • Added nss-vendor.patch to change vendor

[3.16.1-4]

  • Update some patches on account of the rebase
  • Resolves: Bug 1099619

[3.16.1-3]

  • Backport nss-3.12.6 upstream fix required by Firefox 31
  • Resolves: Bug 1099619

[3.16.1-2]

  • Remove two unused patches and apply a needed one that was missed
  • Resolves: Bug 1112136 - Rebase nss in RHEL 6.5.Z to NSS 3.16.1

[3.16.1-1]

  • Update to nss-3.16.1
  • Resolves: Bug 1112136 - Rebase nss in RHEL 6.5.Z to NSS 3.16.1

nss-util [3.15.6-1]

  • Update to nss-3.16.1
  • Resolves: rhbz#1112136

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

nspr

4.10.6-1.el6_5

nspr-devel

4.10.6-1.el6_5

nss

3.16.1-4.0.1.el6_5

nss-devel

3.16.1-4.0.1.el6_5

nss-pkcs11-devel

3.16.1-4.0.1.el6_5

nss-sysinit

3.16.1-4.0.1.el6_5

nss-tools

3.16.1-4.0.1.el6_5

nss-util

3.16.1-1.el6_5

nss-util-devel

3.16.1-1.el6_5

Oracle Linux i686

nspr

4.10.6-1.el6_5

nspr-devel

4.10.6-1.el6_5

nss

3.16.1-4.0.1.el6_5

nss-devel

3.16.1-4.0.1.el6_5

nss-pkcs11-devel

3.16.1-4.0.1.el6_5

nss-sysinit

3.16.1-4.0.1.el6_5

nss-tools

3.16.1-4.0.1.el6_5

nss-util

3.16.1-1.el6_5

nss-util-devel

3.16.1-1.el6_5

Связанные CVE

CVE-2013-1740
CVE-2014-1492
CVE-2014-1544
CVE-2014-1490
CVE-2014-1491
CVE-2014-1545

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2014-1246

oracle-oval
почти 11 лет назад

ELSA-2014-1246: nss and nspr security, bug fix, and enhancement update (MODERATE)

ubuntu логотип

CVE-2013-1740

ubuntu
больше 11 лет назад

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.

redhat логотип

CVE-2013-1740

redhat
больше 11 лет назад

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.

nvd логотип

CVE-2013-1740

nvd
больше 11 лет назад

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic.

debian логотип

CVE-2013-1740

debian
больше 11 лет назад

The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Net ...