OVMSA-2016-0065

OVMSA-2016-0065 - nspr security update

Type:SECURITY
Severity:NA
Release Date:2016-06-20

Description


[4.11.0-0.1]
- Rebase to NSPR 4.11
- Resolves: Bug 1297943 - Rebase RHEL 5.11.z to NSPR 4.11 in preparation for Firefox 45

[4.10.8-2]
- Resolves: Bug 1269359 - CVE-2015-7183
- nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead to crash (under ASAN), potential memory corruption [rhel-5.11.z]

[4.10.8-1]
- Rebase to nspr-4.10.8
- Resolves: Bug 1200921 - Rebase nspr to 4.10.8 for Firefox 38 ESR [RHEL-5.11]

[4.10.6-1]
- Rebase to nspr-4.10.6
- Resolves: Bug 1110857 - Rebase nspr in RHEL 5.11 to NSPR 4.10.6 for FF31

[4.10.2-3]
- Retagging
- Resolves: rhbz#1032468

[4.10.2-2]
- Remove an unused patch
- Resolves: rhbz#1032468 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws [rhel-5.11]

[4.10.2-1]
- Update to nspr-4.10.2
- Resolves: rhbz#1032468 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws [rhel-5.11]

[4.10.0-2]
- Retagging to fix an inconsitency in the release tags
- Resolves: rhbz#1002641 - Rebase RHEL 5 to NSPR 4.10 (for FF 24.x)

[4.9.5-1]
- Rebase to nspr-4.10.0
- Resolves: rhbz#1002641 - Rebase RHEL 5 to NSPR 4.10 (for FF 24.x)

[4.9.5-2]
- Resolves: rhbz#737704 - Fix spec file test script typo and enable running the test suites

[4.9.5-1]
- Resolves: rhbz#919183 - Rebase to nspr-4.9.5

[4.9.2-1]
- Resolves: rhbz#883777- [RFE] Rebase nspr to 4.9.2 due to Firefox 17 ESR

[4.9.1-6]
- Resolves: rhbz#633519 - pthread_key_t leak and memory corruption

[4.9.1-5]
- Resolves: rhbz#831654 - Fix %post and %postun
- Updated License: to MPLv2.0 per upstream

[4.9.1-4]
- Resolves: rhbz#831654 - Pick up fixes from the rhel-5.8 branch
- Regenerated nspr-config-pc.patch passes the the rpmdiff tests

[4.9.1-3]
- Resolves: rhbz#831654 - restore top section of nspr-config-pc.patch
- Needed to prevent multilib regressions

[4.9.1-2]
- Resolves: rhbz#831654 - revert unwanted changes to nspr.pc
- Change -L@libdir@/nspr4 to -L@libdir@ in the patch

[4.9.1-1]
- Update to NSPR_4_9_1_RTM
- Resolves: rhbz#831654

[4.8.9-1]
- rebuilt

[4.8.9-1]
- Resolves: Bug 772945 - [RFE] Async update nspr to make firefox 10 LTS rebase possible
- Update to 4.8.9

[4.8.8-2]
- Bumping the relase tag so it's higher than the one in 5.7-z

[4.8.8-1]
- Update to 4.8.8


Related CVEs


CVE-2012-0441
CVE-2013-0791
CVE-2013-1620
CVE-2013-1739
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
CVE-2013-5607
CVE-2014-1544
CVE-2015-7181
CVE-2015-7182
CVE-2015-7183
CVE-2016-1978
CVE-2016-1979

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.2 (x86_64) nspr-4.11.0-1.el5_11.src.rpmdbc19e962ff1b9b91d16858f10dee1e1OVMBA-2019-0058
nspr-4.11.0-1.el5_11.x86_64.rpm592ef47287e91ea84bdcee5ac4e143b3OVMBA-2019-0058



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete