Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Fedora: 2009-12968 Critical: nss-util TLS MITM Attack Resolution

fedora
Calendar Grey December 10, 2009
Dist Fedora Esm H88
The latest update to Fedora's nss-util tackles a severe vulnerability that facilitates TLS man-in-the-middle attacks through session renegotiation.
Update to 3.12.5 This update fixes the following security flaw: CVE-2009-3555 TLS: MITM attacks via session renegotiation

Summary

Utilities for Network Security Services and the Softoken module

Update Information:

Update to 3.12.5 This update fixes the following security flaw: CVE-2009-3555 TLS: MITM attacks via session renegotiation

Topics%20covered

Topics Covered

security advisory fedora tls nss-util mitm attack session negotiation

Change Log

* Thu Dec 3 2009 Elio Maldonado - 3.12.5-1.1 - Update to 3.12.5

References


[ 1 ] Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation https://bugzilla.redhat.com/show_bug.cgi?id=533125

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update nss-util' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: nss-util
Product: Fedora 12
Version: 3.12.5
Release: 1.fc12.1
URL: https://firefox-source-docs.mozilla.org/security/nss/index.html
Summary: Network Security Services Utilities Library

Topics%20covered

Topics Covered

security advisory fedora tls nss-util mitm attack session negotiation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here