Fedora 22 NSS Update: Critical Fix for Logjam Vulnerability
fedora
June 2, 2015
Security fix for CVE-2015-4000 Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack
Summary
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.
Update Information:
Security fix for CVE-2015-4000
Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack.
The previous 3.19 release made several notable changes related to the TLS protocol, one of them was to disable the SSL 3 protocol by default.
For the full list of changes in the 3.19 and 3.19.1 releases, please refer to the upstream release notes documents:
Topics Covered
Change Log
* Thu May 28 2015 Kai Engert
References
[ 1 ] Bug #1223211 - CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1223211
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update nss' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: nss
Product: Fedora 22
Version: 3.19.1
Release: 1.0.fc22
Summary: Network Security Services
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!