Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2016-0684

Опубликовано: 25 апр. 2016
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2016-0684: nss and nspr security, bug fix, and enhancement update (MODERATE)

nspr [4.11.0-0.1]

  • Rebase to NSPR 4.11
  • Resolves: Bug 1297943 - Rebase RHEL 5.11.z to NSPR 4.11 in preparation for Firefox 45

nss [3.21.0-6]

  • Fix SSL_DH_MIN_P_BITS in more places.

[3.21.0-5]

  • Keep SSL_DH_MIN_P_BITS at 768 as in the previously released build.

[3.21.0-4]

  • Run SSL tests

[3.21.0-3]

  • Add compatility patches to prevent regressions

[3.21.0-2]

  • Ensure all ssl.sh tests are executed

[3.21.0-1]

  • Rebase to nss 3.21
  • Resolves: Bug 1297944 - Rebase RHEL 5.11.z to NSS 3.21 in preparation for Firefox 45

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

nspr

4.11.0-1.el5_11

nspr-devel

4.11.0-1.el5_11

nss

3.21.0-6.el5_11

nss-devel

3.21.0-6.el5_11

nss-pkcs11-devel

3.21.0-6.el5_11

nss-tools

3.21.0-6.el5_11

Oracle Linux x86_64

nspr

4.11.0-1.el5_11

nspr-devel

4.11.0-1.el5_11

nss

3.21.0-6.el5_11

nss-devel

3.21.0-6.el5_11

nss-pkcs11-devel

3.21.0-6.el5_11

nss-tools

3.21.0-6.el5_11

Oracle Linux i386

nspr

4.11.0-1.el5_11

nspr-devel

4.11.0-1.el5_11

nss

3.21.0-6.el5_11

nss-devel

3.21.0-6.el5_11

nss-pkcs11-devel

3.21.0-6.el5_11

nss-tools

3.21.0-6.el5_11

Связанные CVE

CVE-2016-1978
CVE-2016-1979

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2016-0685

oracle-oval
больше 9 лет назад

ELSA-2016-0685: nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update (MODERATE)

oracle-oval логотип

ELSA-2016-0591

oracle-oval
больше 9 лет назад

ELSA-2016-0591: nss, nss-util, and nspr security, bug fix, and enhancement update (MODERATE)

ubuntu логотип

CVE-2016-1978

CVSS3: 7.3
ubuntu
больше 9 лет назад

Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.

redhat логотип

CVE-2016-1978

redhat
больше 9 лет назад

Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.

nvd логотип

CVE-2016-1978

CVSS3: 7.3
nvd
больше 9 лет назад

Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.