Описание
ELSA-2015-1664: nss security, bug fix, and enhancement update (MODERATE)
[3.19.1-1]
- Rebase nss to 3.19.1
- Pick up upstream fix for client auth. regression caused by 3.19.1
- Revert upstream change to minimum key sizes
- Remove patches that rendered obsolote by the rebase
- Update existing patches on account of the rebase
[3.18.0-7]
- Pick up upstream patch from nss-3.19.1
- Resolves: Bug 1236954 - CVE-2015-2730 NSS: ECDSA signature validation fails to handle some signatures correctly (MFSA 2015-64)
- Resolves: Bug 1236967 - CVE-2015-2721 NSS: incorrectly permited skipping of ServerKeyExchange (MFSA 2015-71)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
nss
3.19.1-1.el5_11
nss-devel
3.19.1-1.el5_11
nss-pkcs11-devel
3.19.1-1.el5_11
nss-tools
3.19.1-1.el5_11
Oracle Linux x86_64
nss
3.19.1-1.el5_11
nss-devel
3.19.1-1.el5_11
nss-pkcs11-devel
3.19.1-1.el5_11
nss-tools
3.19.1-1.el5_11
Oracle Linux i386
nss
3.19.1-1.el5_11
nss-devel
3.19.1-1.el5_11
nss-pkcs11-devel
3.19.1-1.el5_11
nss-tools
3.19.1-1.el5_11
Связанные CVE
Связанные уязвимости
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.
Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.
Mozilla Network Security Services (NSS) before 3.19, as used in Mozill ...
Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.