Stay Connected:

ELSA-2013-1144

ELSA-2013-1144 - nss, nss-util, nss-softokn, and nspr security update

Type:SECURITY
Severity:MODERATE
Release Date:2013-08-07

Description


nspr
[4.9.5-2]
- Update to NSPR_4_9_5_RTM
- Resolves: rhbz#927186 - Rebase to nspr-4.9.5
- Add upstream URL for an existing patch per packaging guidelines

[4.9.5-1]
- Resolves: Rebase to nspr-4.9.5

[4.9.2-1]
- Update to nspr-4.9.2
- Related: rhbz#863286

nss
[3.14.3-4.0.1.el6_4]
- Added nss-vendor.patch to change vendor

[3.14.3-4]
- Revert to accepting MD5 on digital signatures by default
- Resolves: rhbz#957603 - nss 3.14 - MD5 hash algorithm disabled

[3.14.3-3]
- Ensure pem uses system freebl as with this update freebl brings in new API's
- Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue

[3.14.3-2]
- Install sechash.h and secmodt.h which are now provided by nss-devel
- Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue
- Remove unsafe -r option from commands that remove headers already shipped by nss-util and nss-softoken

[3.14.3-1]
- Update to NSS_3.14.3_RTM
- Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue
- Update expired test certificates (fixed in upstream bug 852781)
- Sync up pem module's rsawrapr.c with softoken's upstream changes for nss-3.14.3
- Reactivate the aia tests

nss-softokn
[3.14.3-3]
- Add patch to conditionally compile according to old or new sqlite api
- new is used on rhel-6 while rhel-5 uses old but we need the same code for both
- Resolves: rhbz#927158 - Rebase to nss-softokn 3.14.3 to fix the lucky-13 issue

[3.14.3-2]
- Revert to using a code patch for relro support
- Related: rhbz#927158

[3.14.3-1]
- Update to NSS_3_14_3_RTM
- Resolves: rhbz#927158 - Rebase to nss-softokn 3.14.3 to fix the lucky-13 issue
- Add export LD_LIBRARY_PATH=//usr/lib before the signing commands in __spec_install_post scriplet
to ensure signing tool links with in-tree freebl so verification uses same algorithm as in signing
- Add %check section to run the upstream crypto reqression test suite as per packaging guidelines
- Don't install sechash.h or secmodt.h which as per 3.14 are provided by nss-devel
- Update the licence to MPLv2.0

[3.12.9-12]
- Bootstrapping of the builroot in preparation for rebase to 3.14.3
- Remove hasht.h from the %files devel list to prevent update conflicts with nss-util
- With 3.14.3 hasht.h will be provided by nss-util-devel
- Related: rhbz#927158 - rebase nss-softokn to 3.14.3

nss-util
[3.14.3-3]
- Resolves: rhbz#984967 - nssutil_ReadSecmodDB leaks memory

[3.14.3-2]
- Revert to accepting MD5 on digital signatures by default
- Resolves: rhbz#957603 - nss 3.14 - MD5 hash algorithm disabled

[3.14.3-1]
- Update to NSS_3_14_3_RTM
- Resolves: rhbz#927171 - Rebase to 3.14.3 as part of the fix for the lucky-13 issue


Related CVEs


CVE-2013-0791
CVE-2013-1620

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) nspr-4.9.5-2.el6_4.src.rpm8286676ba33fc54090dc9947b8ed58e7ELEA-2019-3280
nss-3.14.3-4.0.1.el6_4.src.rpmc707b323b7a91f00655d749988f74b6eELEA-2019-3280
nss-softokn-3.14.3-3.el6_4.src.rpm7d67a14e67117a7c04dd81c310ec7e77ELBA-2020-6004
nss-util-3.14.3-3.el6_4.src.rpm48e029aec4d3df3e979183544bd90b85ELEA-2019-3280
nspr-4.9.5-2.el6_4.i686.rpm247f34e3674a11fddd8ad60860c1d064ELEA-2019-3280
nspr-devel-4.9.5-2.el6_4.i686.rpm5be31b68d360d93f255a31cd46a0fe17ELEA-2019-3280
nss-3.14.3-4.0.1.el6_4.i686.rpm4f1cb296cc1661d9f01abc3908c381b8ELEA-2019-3280
nss-devel-3.14.3-4.0.1.el6_4.i686.rpmd89863b412ffaee2590cd548b0c127a8ELEA-2019-3280
nss-pkcs11-devel-3.14.3-4.0.1.el6_4.i686.rpmd2f72f7a9da355e4828a4f08f08f2373ELEA-2019-3280
nss-softokn-3.14.3-3.el6_4.i686.rpmf1b8216830421b6cc9d7bb0293906800ELBA-2020-6004
nss-softokn-devel-3.14.3-3.el6_4.i686.rpma0e0af436f56299440f58350bf9060a5ELBA-2020-6004
nss-softokn-freebl-3.14.3-3.el6_4.i686.rpma1c2321bbdc15998bc5120bcc40eb66cELBA-2020-6004
nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpmf5b52958c29fcebf4f62b5ab36f8d9cdELBA-2020-6004
nss-sysinit-3.14.3-4.0.1.el6_4.i686.rpm00ca6ddd5e4e1a470b484a3744249d3aELEA-2019-3280
nss-tools-3.14.3-4.0.1.el6_4.i686.rpma09c6c6c80e92f2a6f4f00a3f1c5e94bELEA-2019-3280
nss-util-3.14.3-3.el6_4.i686.rpmf194d13493cbaf2fa0cccb069f11904dELEA-2019-3280
nss-util-devel-3.14.3-3.el6_4.i686.rpma0a0ec9d7201d8a349d7c5fc106c9771ELEA-2019-3280
Oracle Linux 6 (x86_64) nspr-4.9.5-2.el6_4.src.rpm8286676ba33fc54090dc9947b8ed58e7ELEA-2019-3280
nss-3.14.3-4.0.1.el6_4.src.rpmc707b323b7a91f00655d749988f74b6eELEA-2019-3280
nss-softokn-3.14.3-3.el6_4.src.rpm7d67a14e67117a7c04dd81c310ec7e77ELBA-2020-6004
nss-util-3.14.3-3.el6_4.src.rpm48e029aec4d3df3e979183544bd90b85ELEA-2019-3280
nspr-4.9.5-2.el6_4.i686.rpm247f34e3674a11fddd8ad60860c1d064ELEA-2019-3280
nspr-4.9.5-2.el6_4.x86_64.rpm1ff129ffe00ef6a1dee5c1c08d0cbc3cELEA-2019-3280
nspr-devel-4.9.5-2.el6_4.i686.rpm5be31b68d360d93f255a31cd46a0fe17ELEA-2019-3280
nspr-devel-4.9.5-2.el6_4.x86_64.rpmf3f9a47f6c48fc8326f73f90d10d3d30ELEA-2019-3280
nss-3.14.3-4.0.1.el6_4.i686.rpm4f1cb296cc1661d9f01abc3908c381b8ELEA-2019-3280
nss-3.14.3-4.0.1.el6_4.x86_64.rpm96e355c37cf51d82fb00262b66a49fa0ELEA-2019-3280
nss-devel-3.14.3-4.0.1.el6_4.i686.rpmd89863b412ffaee2590cd548b0c127a8ELEA-2019-3280
nss-devel-3.14.3-4.0.1.el6_4.x86_64.rpmc32f0168737e85932e6622d155092367ELEA-2019-3280
nss-pkcs11-devel-3.14.3-4.0.1.el6_4.i686.rpmd2f72f7a9da355e4828a4f08f08f2373ELEA-2019-3280
nss-pkcs11-devel-3.14.3-4.0.1.el6_4.x86_64.rpm0b26464455799cfb78e8ff25faf5577aELEA-2019-3280
nss-softokn-3.14.3-3.el6_4.i686.rpmf1b8216830421b6cc9d7bb0293906800ELBA-2020-6004
nss-softokn-3.14.3-3.el6_4.x86_64.rpmb93449788c7749033dde530e55c7448cELBA-2020-6004
nss-softokn-devel-3.14.3-3.el6_4.i686.rpma0e0af436f56299440f58350bf9060a5ELBA-2020-6004
nss-softokn-devel-3.14.3-3.el6_4.x86_64.rpm5dedd3157d6cf41d58181a441055f848ELBA-2020-6004
nss-softokn-freebl-3.14.3-3.el6_4.i686.rpma1c2321bbdc15998bc5120bcc40eb66cELBA-2020-6004
nss-softokn-freebl-3.14.3-3.el6_4.x86_64.rpma4deac8eab2bb711dc0b06b3c55fd021ELBA-2020-6004
nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpmf5b52958c29fcebf4f62b5ab36f8d9cdELBA-2020-6004
nss-softokn-freebl-devel-3.14.3-3.el6_4.x86_64.rpm840b9ad3fe74b9c9660376bfce241855ELBA-2020-6004
nss-sysinit-3.14.3-4.0.1.el6_4.x86_64.rpm4f0041ed7ad14db7e96b29ab4057e9daELEA-2019-3280
nss-tools-3.14.3-4.0.1.el6_4.x86_64.rpm99045b7d7d7eb9806a9e1f571d1d9ed1ELEA-2019-3280
nss-util-3.14.3-3.el6_4.i686.rpmf194d13493cbaf2fa0cccb069f11904dELEA-2019-3280
nss-util-3.14.3-3.el6_4.x86_64.rpm69457e0743fcf2d9c272bf7748a60504ELEA-2019-3280
nss-util-devel-3.14.3-3.el6_4.i686.rpma0a0ec9d7201d8a349d7c5fc106c9771ELEA-2019-3280
nss-util-devel-3.14.3-3.el6_4.x86_64.rpm20420c3d04091d1c7203fe4f9c304604ELEA-2019-3280



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights