Stay Connected:

ELSA-2013-1135

ELSA-2013-1135 - nss and nspr security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2013-08-05

Description


nspr
[4.9.2-4]
- Resolves: rhbz#924741 - Rebase to nspr-4.9.5

nss
[3.14.3-6]
- Resolves: rhbz#986969 - nssutil_ReadSecmodDB() leaks memory

[3.14.3-5]
- Define -DNO_FORK_CHECK when compiling softoken for ABI compatibility
- Remove the unused and obsolete nss-nochktest.patch
- Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue

[3.14.3-4]
- Fix rpmdiff test reported failures and remove other unwanted changes
- Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue

[3.14.3-3]
- Update to NSS_3_14_3_RTM
- Rework the rebase to preserve needed idiosynchracies
- Ensure we install frebl/softoken from the extra build tree
- Don't include freebl static library or its private headers
- Add patch to deal with system sqlite not being recent enough
- Don't install nss-sysinit nor sharedb
- Resolves: rhbz#949845 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue

[3.14.3-2]
- Restore the freebl-softoken source tar ball updated to 3.14.3
- Renumbering of some sources for clarity
- Resolves: rhbz#918870 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue

[3.14.3-1]
- Update to NSS_3_14_3_RTM
- Resolves: rhbz#918870 - [RFE][RHEL5] Rebase to nss-3.14.3 to fix the lucky-13 issue


Related CVEs


CVE-2013-0791
CVE-2013-1620

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) nspr-4.9.5-1.el5_9.src.rpm4a9861c02f303949a95813a1cf18939eELSA-2016-0684
nss-3.14.3-6.el5_9.src.rpm9ec833dddec9083f8353211bfe3e2200ELSA-2017-1101
nspr-4.9.5-1.el5_9.i386.rpmf94429cef6b403ddaa2280d93209b6f0ELSA-2016-0684
nspr-devel-4.9.5-1.el5_9.i386.rpm0700db48c513e70a9397928bcfdbc296ELSA-2016-0684
nss-3.14.3-6.el5_9.i386.rpme82951ced92bd930e6cbcc2e4bfb7cb9ELSA-2017-1101
nss-devel-3.14.3-6.el5_9.i386.rpm77a9e505562651bdbd0b73dc67e1c4deELSA-2017-1101
nss-pkcs11-devel-3.14.3-6.el5_9.i386.rpm867dfc90cc84bdaac25b9486f82f8eb6ELSA-2017-1101
nss-tools-3.14.3-6.el5_9.i386.rpm49c89997187cea0bc8527df3eec25563ELSA-2017-1101
Oracle Linux 5 (ia64) nspr-4.9.5-1.el5_9.src.rpm4a9861c02f303949a95813a1cf18939eELSA-2016-0684
nss-3.14.3-6.el5_9.src.rpm9ec833dddec9083f8353211bfe3e2200ELSA-2017-1101
nspr-4.9.5-1.el5_9.i386.rpmf94429cef6b403ddaa2280d93209b6f0ELSA-2016-0684
nspr-4.9.5-1.el5_9.ia64.rpm34618ef7463e85d24fbc531a460adcbaELSA-2016-0684
nspr-devel-4.9.5-1.el5_9.ia64.rpm18e27d514a45814aed23c6b966608977ELSA-2016-0684
nss-3.14.3-6.el5_9.i386.rpme82951ced92bd930e6cbcc2e4bfb7cb9ELSA-2017-1101
nss-3.14.3-6.el5_9.ia64.rpm020a25606cb288539d831cdfa2fdbd14ELSA-2017-1101
nss-devel-3.14.3-6.el5_9.ia64.rpm6d3536cf62d72b145025eef1b3046d7eELSA-2017-1101
nss-pkcs11-devel-3.14.3-6.el5_9.ia64.rpmc36e60c3aa2ecc173a02973589517a4dELSA-2017-1101
nss-tools-3.14.3-6.el5_9.ia64.rpm3a3fb1421a144589d5a812574987340dELSA-2017-1101
Oracle Linux 5 (x86_64) nspr-4.9.5-1.el5_9.src.rpm4a9861c02f303949a95813a1cf18939eELSA-2016-0684
nss-3.14.3-6.el5_9.src.rpm9ec833dddec9083f8353211bfe3e2200ELSA-2017-1101
nspr-4.9.5-1.el5_9.i386.rpmf94429cef6b403ddaa2280d93209b6f0ELSA-2016-0684
nspr-4.9.5-1.el5_9.x86_64.rpm42a8f93ac08bdae88aef5c995b4a0ce4ELSA-2016-0684
nspr-devel-4.9.5-1.el5_9.i386.rpm0700db48c513e70a9397928bcfdbc296ELSA-2016-0684
nspr-devel-4.9.5-1.el5_9.x86_64.rpm3ef9646925232146756208b001efc0d8ELSA-2016-0684
nss-3.14.3-6.el5_9.i386.rpme82951ced92bd930e6cbcc2e4bfb7cb9ELSA-2017-1101
nss-3.14.3-6.el5_9.x86_64.rpm1ab1f7a01b970cf8a1c0e9b4c65ade63ELSA-2017-1101
nss-devel-3.14.3-6.el5_9.i386.rpm77a9e505562651bdbd0b73dc67e1c4deELSA-2017-1101
nss-devel-3.14.3-6.el5_9.x86_64.rpma0ccc8dabdc0450a2eeac038d6091a7cELSA-2017-1101
nss-pkcs11-devel-3.14.3-6.el5_9.i386.rpm867dfc90cc84bdaac25b9486f82f8eb6ELSA-2017-1101
nss-pkcs11-devel-3.14.3-6.el5_9.x86_64.rpmdd1bd4979c0e2bb49147ae059a9b675dELSA-2017-1101
nss-tools-3.14.3-6.el5_9.x86_64.rpmc2fe8359c00821c36f1454cc274be343ELSA-2017-1101



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights