ELSA-2016-2602

ELSA-2016-2602 - mod_nss security, bug fix, and enhancement update

Type:SECURITY
Severity:LOW
Release Date:2016-11-09

Description


[1.0.14-7]
- Add the permission patch to the repository (#1312583)

[1.0.14-6]
- Check the NSS certificate database directory for read permissions
by the Apache user. (#1312583)

[1.0.14-5]
- Update clean semaphore patch to not free the pinList twice.
(#1364560)

[1.0.14-4]
- Update clean semaphore patch to not close pipe twice and to
shutdown NSS database (#1364560)

[1.0.14-3]
- Clean up semaphore in nss_pcache on shutdown (#1364560)

[1.0.14-2]
- mod_nss sets r->user in fixup even if it was long ago changed
by other module (#1347298)

[1.0.14-1]
- Rebase to 1.0.14 (#1299063)
- Add support for Server Name Indication (SNI) (#1053327)
- Use upstream method to not execute live tests as root (#1256887)
- Always call SSL_ShutdownServerSessionIDCache() in ModuleKill
(#1263301, #1296685)
- Don't require NSSProxyNickname (#1280287)
- Make link to libnssckbi.so an absolute link (#1288471)
- Fail for colons in credentials with FakeBasicAuth (#1295970)
- Don't ignore NSSProtocol when NSSFIPS is enabled (#1312491)
- Check filesystem permissions on NSS database at startup (#1312583)
- OpenSSL ciphers stopped parsing at +, CVE-2016-3099 (#1323913)
- Patch to match available ciphers so tests pass (#1299063)
- Patch to fix tests in brew (#1299063)


Related CVEs


CVE-2016-3099

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) mod_nss-1.0.14-7.el7.src.rpm42aa5cdbc018d30dd9739bbac8e98a49ELBA-2018-0988
mod_nss-1.0.14-7.el7.x86_64.rpm98896ecae341c2cd34be1d14531b9fa1ELBA-2018-0988



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete