Alerts This Week
Warning Icon 1 483
Alerts This Week
Warning Icon 1 483

Fedora 22 mod_nss Security Advisory: CVE-2015-5244 Critical Cipher Issue

fedora
Calendar Grey January 24, 2016
Dist Fedora Esm H88
Mitigate the mod_nss vulnerability CVE-2015-5244 on Fedora 22 by updating Apache HTTP server packages for secure cipher management and reducing risks
Fix for CVE-2015-5244

Summary

The mod_nss module provides strong cryptography for the Apache Web

server via the Secure Sockets Layer (SSL) and Transport Layer

Security (TLS) protocols using the Network Security Services (NSS)

security library.

Update Information:

Fix for CVE-2015-5244. An OpenSSL cipher string wasn't disabled when prefixed with !.

Change Log

References


[ 1 ] Bug #1263070 - CVE-2015-5244 mod_nss: incorrect ciphersuite parsing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1263070

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update mod_nss' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mod_nss
Product: Fedora 22
Version: 1.0.11
Release: 6.fc22
Summary: SSL/TLS module for the Apache HTTP server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here