-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: nss, nss-util, and nss-softokn security, bug fix, and enhancement update
Advisory ID:       RHSA-2014:1948-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2014:1948.html
Issue date:        2014-12-02
====================================================================
1. Summary:

Updated nss, nss-util, and nss-softokn packages that contain a patch to
mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various
enhancements are now available for Red Hat Enterprise Linux 5, 6, and 7.

Red Hat Product Security has rated this update as having Important 
security impact.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications. Netscape Portable Runtime (NSPR) provides platform
independence for non-GUI operating system facilities.

This update adds support for the TLS Fallback Signaling Cipher Suite Value
(TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade
attacks against applications which re-connect using a lower SSL/TLS
protocol version when the initial connection indicating the highest
supported protocol version fails.

This can prevent a forceful downgrade of the communication to SSL 3.0.
The SSL 3.0 protocol was found to be vulnerable to the padding oracle
attack when using block cipher suites in cipher block chaining (CBC) mode.
This issue is identified as CVE-2014-3566, and also known under the alias
POODLE. This SSL 3.0 protocol flaw will not be addressed in a future
update; it is recommended that users configure their applications to
require at least TLS protocol version 1.0 for secure communication.

For additional information about this flaw, see the Knowledgebase article
at https://access.redhat.com/articles/1232123

The nss, nss-util, and nss-softokn packages have been upgraded to upstream
version 3.16.2.3, which provides a number of bug fixes and enhancements
over the previous version, and adds the support for Mozilla Firefox 31.3.
(BZ#1158159, BZ#1165003, BZ#1165525)

Users of nss, nss-util, and nss-softokn are advised to upgrade to these
updated packages, which contain a backported patch to mitigate the
CVE-2014-3566 issue, fix these bugs, and add these enhancements. After
installing this update, applications using NSS or NSPR must be restarted
for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released 
errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack
1158159 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 [rhel-5.11.z]
1165003 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 [rhel-6.6.Z]
1165525 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 [rhel-7.0.Z]

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
nss-3.16.2.3-1.el5_11.src.rpm

i386:
nss-3.16.2.3-1.el5_11.i386.rpm
nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm
nss-tools-3.16.2.3-1.el5_11.i386.rpm

x86_64:
nss-3.16.2.3-1.el5_11.i386.rpm
nss-3.16.2.3-1.el5_11.x86_64.rpm
nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm
nss-debuginfo-3.16.2.3-1.el5_11.x86_64.rpm
nss-tools-3.16.2.3-1.el5_11.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
nss-3.16.2.3-1.el5_11.src.rpm

i386:
nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm
nss-devel-3.16.2.3-1.el5_11.i386.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm

x86_64:
nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm
nss-debuginfo-3.16.2.3-1.el5_11.x86_64.rpm
nss-devel-3.16.2.3-1.el5_11.i386.rpm
nss-devel-3.16.2.3-1.el5_11.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
nss-3.16.2.3-1.el5_11.src.rpm

i386:
nss-3.16.2.3-1.el5_11.i386.rpm
nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm
nss-devel-3.16.2.3-1.el5_11.i386.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm
nss-tools-3.16.2.3-1.el5_11.i386.rpm

ia64:
nss-3.16.2.3-1.el5_11.i386.rpm
nss-3.16.2.3-1.el5_11.ia64.rpm
nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm
nss-debuginfo-3.16.2.3-1.el5_11.ia64.rpm
nss-devel-3.16.2.3-1.el5_11.ia64.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.ia64.rpm
nss-tools-3.16.2.3-1.el5_11.ia64.rpm

ppc:
nss-3.16.2.3-1.el5_11.ppc.rpm
nss-3.16.2.3-1.el5_11.ppc64.rpm
nss-debuginfo-3.16.2.3-1.el5_11.ppc.rpm
nss-debuginfo-3.16.2.3-1.el5_11.ppc64.rpm
nss-devel-3.16.2.3-1.el5_11.ppc.rpm
nss-devel-3.16.2.3-1.el5_11.ppc64.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.ppc.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.ppc64.rpm
nss-tools-3.16.2.3-1.el5_11.ppc.rpm

s390x:
nss-3.16.2.3-1.el5_11.s390.rpm
nss-3.16.2.3-1.el5_11.s390x.rpm
nss-debuginfo-3.16.2.3-1.el5_11.s390.rpm
nss-debuginfo-3.16.2.3-1.el5_11.s390x.rpm
nss-devel-3.16.2.3-1.el5_11.s390.rpm
nss-devel-3.16.2.3-1.el5_11.s390x.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.s390.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.s390x.rpm
nss-tools-3.16.2.3-1.el5_11.s390x.rpm

x86_64:
nss-3.16.2.3-1.el5_11.i386.rpm
nss-3.16.2.3-1.el5_11.x86_64.rpm
nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm
nss-debuginfo-3.16.2.3-1.el5_11.x86_64.rpm
nss-devel-3.16.2.3-1.el5_11.i386.rpm
nss-devel-3.16.2.3-1.el5_11.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm
nss-pkcs11-devel-3.16.2.3-1.el5_11.x86_64.rpm
nss-tools-3.16.2.3-1.el5_11.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
nss-3.16.2.3-3.el6_6.src.rpm
nss-util-3.16.2.3-2.el6_6.src.rpm

i386:
nss-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-sysinit-3.16.2.3-3.el6_6.i686.rpm
nss-tools-3.16.2.3-3.el6_6.i686.rpm
nss-util-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm

x86_64:
nss-3.16.2.3-3.el6_6.i686.rpm
nss-3.16.2.3-3.el6_6.x86_64.rpm
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm
nss-tools-3.16.2.3-3.el6_6.x86_64.rpm
nss-util-3.16.2.3-2.el6_6.i686.rpm
nss-util-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-devel-3.16.2.3-3.el6_6.i686.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-devel-3.16.2.3-2.el6_6.i686.rpm

x86_64:
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-devel-3.16.2.3-3.el6_6.i686.rpm
nss-devel-3.16.2.3-3.el6_6.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-devel-3.16.2.3-2.el6_6.i686.rpm
nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
nss-3.16.2.3-3.el6_6.src.rpm
nss-util-3.16.2.3-2.el6_6.src.rpm

x86_64:
nss-3.16.2.3-3.el6_6.i686.rpm
nss-3.16.2.3-3.el6_6.x86_64.rpm
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm
nss-tools-3.16.2.3-3.el6_6.x86_64.rpm
nss-util-3.16.2.3-2.el6_6.i686.rpm
nss-util-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-devel-3.16.2.3-3.el6_6.i686.rpm
nss-devel-3.16.2.3-3.el6_6.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-devel-3.16.2.3-2.el6_6.i686.rpm
nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
nss-3.16.2.3-3.el6_6.src.rpm
nss-util-3.16.2.3-2.el6_6.src.rpm

i386:
nss-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-devel-3.16.2.3-3.el6_6.i686.rpm
nss-sysinit-3.16.2.3-3.el6_6.i686.rpm
nss-tools-3.16.2.3-3.el6_6.i686.rpm
nss-util-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-devel-3.16.2.3-2.el6_6.i686.rpm

ppc64:
nss-3.16.2.3-3.el6_6.ppc.rpm
nss-3.16.2.3-3.el6_6.ppc64.rpm
nss-debuginfo-3.16.2.3-3.el6_6.ppc.rpm
nss-debuginfo-3.16.2.3-3.el6_6.ppc64.rpm
nss-devel-3.16.2.3-3.el6_6.ppc.rpm
nss-devel-3.16.2.3-3.el6_6.ppc64.rpm
nss-sysinit-3.16.2.3-3.el6_6.ppc64.rpm
nss-tools-3.16.2.3-3.el6_6.ppc64.rpm
nss-util-3.16.2.3-2.el6_6.ppc.rpm
nss-util-3.16.2.3-2.el6_6.ppc64.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.ppc.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.ppc64.rpm
nss-util-devel-3.16.2.3-2.el6_6.ppc.rpm
nss-util-devel-3.16.2.3-2.el6_6.ppc64.rpm

s390x:
nss-3.16.2.3-3.el6_6.s390.rpm
nss-3.16.2.3-3.el6_6.s390x.rpm
nss-debuginfo-3.16.2.3-3.el6_6.s390.rpm
nss-debuginfo-3.16.2.3-3.el6_6.s390x.rpm
nss-devel-3.16.2.3-3.el6_6.s390.rpm
nss-devel-3.16.2.3-3.el6_6.s390x.rpm
nss-sysinit-3.16.2.3-3.el6_6.s390x.rpm
nss-tools-3.16.2.3-3.el6_6.s390x.rpm
nss-util-3.16.2.3-2.el6_6.s390.rpm
nss-util-3.16.2.3-2.el6_6.s390x.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.s390.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.s390x.rpm
nss-util-devel-3.16.2.3-2.el6_6.s390.rpm
nss-util-devel-3.16.2.3-2.el6_6.s390x.rpm

x86_64:
nss-3.16.2.3-3.el6_6.i686.rpm
nss-3.16.2.3-3.el6_6.x86_64.rpm
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-devel-3.16.2.3-3.el6_6.i686.rpm
nss-devel-3.16.2.3-3.el6_6.x86_64.rpm
nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm
nss-tools-3.16.2.3-3.el6_6.x86_64.rpm
nss-util-3.16.2.3-2.el6_6.i686.rpm
nss-util-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-devel-3.16.2.3-2.el6_6.i686.rpm
nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm

ppc64:
nss-debuginfo-3.16.2.3-3.el6_6.ppc.rpm
nss-debuginfo-3.16.2.3-3.el6_6.ppc64.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.ppc.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.ppc64.rpm

s390x:
nss-debuginfo-3.16.2.3-3.el6_6.s390.rpm
nss-debuginfo-3.16.2.3-3.el6_6.s390x.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.s390.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.s390x.rpm

x86_64:
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
nss-3.16.2.3-3.el6_6.src.rpm
nss-util-3.16.2.3-2.el6_6.src.rpm

i386:
nss-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-devel-3.16.2.3-3.el6_6.i686.rpm
nss-sysinit-3.16.2.3-3.el6_6.i686.rpm
nss-tools-3.16.2.3-3.el6_6.i686.rpm
nss-util-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-devel-3.16.2.3-2.el6_6.i686.rpm

x86_64:
nss-3.16.2.3-3.el6_6.i686.rpm
nss-3.16.2.3-3.el6_6.x86_64.rpm
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-devel-3.16.2.3-3.el6_6.i686.rpm
nss-devel-3.16.2.3-3.el6_6.x86_64.rpm
nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm
nss-tools-3.16.2.3-3.el6_6.x86_64.rpm
nss-util-3.16.2.3-2.el6_6.i686.rpm
nss-util-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm
nss-util-devel-3.16.2.3-2.el6_6.i686.rpm
nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm

x86_64:
nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm
nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm
nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
nss-3.16.2.3-2.el7_0.src.rpm
nss-softokn-3.16.2.3-1.el7_0.src.rpm
nss-util-3.16.2.3-1.el7_0.src.rpm

x86_64:
nss-3.16.2.3-2.el7_0.i686.rpm
nss-3.16.2.3-2.el7_0.x86_64.rpm
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-softokn-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm
nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm
nss-tools-3.16.2.3-2.el7_0.x86_64.rpm
nss-util-3.16.2.3-1.el7_0.i686.rpm
nss-util-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-devel-3.16.2.3-2.el7_0.i686.rpm
nss-devel-3.16.2.3-2.el7_0.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-devel-3.16.2.3-1.el7_0.i686.rpm
nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
nss-3.16.2.3-2.el7_0.src.rpm
nss-softokn-3.16.2.3-1.el7_0.src.rpm
nss-util-3.16.2.3-1.el7_0.src.rpm

x86_64:
nss-3.16.2.3-2.el7_0.i686.rpm
nss-3.16.2.3-2.el7_0.x86_64.rpm
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-softokn-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm
nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm
nss-tools-3.16.2.3-2.el7_0.x86_64.rpm
nss-util-3.16.2.3-1.el7_0.i686.rpm
nss-util-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-devel-3.16.2.3-2.el7_0.i686.rpm
nss-devel-3.16.2.3-2.el7_0.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-devel-3.16.2.3-1.el7_0.i686.rpm
nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
nss-3.16.2.3-2.el7_0.src.rpm
nss-softokn-3.16.2.3-1.el7_0.src.rpm
nss-util-3.16.2.3-1.el7_0.src.rpm

ppc64:
nss-3.16.2.3-2.el7_0.ppc.rpm
nss-3.16.2.3-2.el7_0.ppc64.rpm
nss-debuginfo-3.16.2.3-2.el7_0.ppc.rpm
nss-debuginfo-3.16.2.3-2.el7_0.ppc64.rpm
nss-devel-3.16.2.3-2.el7_0.ppc.rpm
nss-devel-3.16.2.3-2.el7_0.ppc64.rpm
nss-softokn-3.16.2.3-1.el7_0.ppc.rpm
nss-softokn-3.16.2.3-1.el7_0.ppc64.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.ppc.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.ppc64.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.ppc.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.ppc64.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.ppc.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.ppc64.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.ppc.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.ppc64.rpm
nss-sysinit-3.16.2.3-2.el7_0.ppc64.rpm
nss-tools-3.16.2.3-2.el7_0.ppc64.rpm
nss-util-3.16.2.3-1.el7_0.ppc.rpm
nss-util-3.16.2.3-1.el7_0.ppc64.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.ppc.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.ppc64.rpm
nss-util-devel-3.16.2.3-1.el7_0.ppc.rpm
nss-util-devel-3.16.2.3-1.el7_0.ppc64.rpm

s390x:
nss-3.16.2.3-2.el7_0.s390.rpm
nss-3.16.2.3-2.el7_0.s390x.rpm
nss-debuginfo-3.16.2.3-2.el7_0.s390.rpm
nss-debuginfo-3.16.2.3-2.el7_0.s390x.rpm
nss-devel-3.16.2.3-2.el7_0.s390.rpm
nss-devel-3.16.2.3-2.el7_0.s390x.rpm
nss-softokn-3.16.2.3-1.el7_0.s390.rpm
nss-softokn-3.16.2.3-1.el7_0.s390x.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.s390.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.s390x.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.s390.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.s390x.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.s390.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.s390x.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.s390.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.s390x.rpm
nss-sysinit-3.16.2.3-2.el7_0.s390x.rpm
nss-tools-3.16.2.3-2.el7_0.s390x.rpm
nss-util-3.16.2.3-1.el7_0.s390.rpm
nss-util-3.16.2.3-1.el7_0.s390x.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.s390.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.s390x.rpm
nss-util-devel-3.16.2.3-1.el7_0.s390.rpm
nss-util-devel-3.16.2.3-1.el7_0.s390x.rpm

x86_64:
nss-3.16.2.3-2.el7_0.i686.rpm
nss-3.16.2.3-2.el7_0.x86_64.rpm
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-devel-3.16.2.3-2.el7_0.i686.rpm
nss-devel-3.16.2.3-2.el7_0.x86_64.rpm
nss-softokn-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm
nss-tools-3.16.2.3-2.el7_0.x86_64.rpm
nss-util-3.16.2.3-1.el7_0.i686.rpm
nss-util-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-devel-3.16.2.3-1.el7_0.i686.rpm
nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
nss-debuginfo-3.16.2.3-2.el7_0.ppc.rpm
nss-debuginfo-3.16.2.3-2.el7_0.ppc64.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.ppc.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.ppc64.rpm

s390x:
nss-debuginfo-3.16.2.3-2.el7_0.s390.rpm
nss-debuginfo-3.16.2.3-2.el7_0.s390x.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.s390.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.s390x.rpm

x86_64:
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
nss-3.16.2.3-2.el7_0.src.rpm
nss-softokn-3.16.2.3-1.el7_0.src.rpm
nss-util-3.16.2.3-1.el7_0.src.rpm

x86_64:
nss-3.16.2.3-2.el7_0.i686.rpm
nss-3.16.2.3-2.el7_0.x86_64.rpm
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-devel-3.16.2.3-2.el7_0.i686.rpm
nss-devel-3.16.2.3-2.el7_0.x86_64.rpm
nss-softokn-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm
nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm
nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm
nss-tools-3.16.2.3-2.el7_0.x86_64.rpm
nss-util-3.16.2.3-1.el7_0.i686.rpm
nss-util-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm
nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
nss-util-devel-3.16.2.3-1.el7_0.i686.rpm
nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm
nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm
nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/1232123

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFUflBbXlSAg2UNWIIRAu4/AJ48DOLhhJCOz7bEfb2hnrhxuwF/0ACgnlfi
jJ4py+iKMGp8SjSnWwB0rUM=WVGF
-----END PGP SIGNATURE-----


-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

RedHat: RHSA-2014-1948:01 Important: nss, nss-util, and nss-softokn security,

Updated nss, nss-util, and nss-softokn packages that contain a patch to mitigate the CVE-2014-3566 issue, fix a number of bugs, and add various enhancements are now available for R...

Summary

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities.
This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.
This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.
For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123
The nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2.3, which provides a number of bug fixes and enhancements over the previous version, and adds the support for Mozilla Firefox 31.3. (BZ#1158159, BZ#1165003, BZ#1165525)
Users of nss, nss-util, and nss-softokn are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue, fix these bugs, and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.



Summary


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/1232123

Package List

Red Hat Enterprise Linux Desktop (v. 5 client):
Source: nss-3.16.2.3-1.el5_11.src.rpm
i386: nss-3.16.2.3-1.el5_11.i386.rpm nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm nss-tools-3.16.2.3-1.el5_11.i386.rpm
x86_64: nss-3.16.2.3-1.el5_11.i386.rpm nss-3.16.2.3-1.el5_11.x86_64.rpm nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm nss-debuginfo-3.16.2.3-1.el5_11.x86_64.rpm nss-tools-3.16.2.3-1.el5_11.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
Source: nss-3.16.2.3-1.el5_11.src.rpm
i386: nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm nss-devel-3.16.2.3-1.el5_11.i386.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm
x86_64: nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm nss-debuginfo-3.16.2.3-1.el5_11.x86_64.rpm nss-devel-3.16.2.3-1.el5_11.i386.rpm nss-devel-3.16.2.3-1.el5_11.x86_64.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: nss-3.16.2.3-1.el5_11.src.rpm
i386: nss-3.16.2.3-1.el5_11.i386.rpm nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm nss-devel-3.16.2.3-1.el5_11.i386.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm nss-tools-3.16.2.3-1.el5_11.i386.rpm
ia64: nss-3.16.2.3-1.el5_11.i386.rpm nss-3.16.2.3-1.el5_11.ia64.rpm nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm nss-debuginfo-3.16.2.3-1.el5_11.ia64.rpm nss-devel-3.16.2.3-1.el5_11.ia64.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.ia64.rpm nss-tools-3.16.2.3-1.el5_11.ia64.rpm
ppc: nss-3.16.2.3-1.el5_11.ppc.rpm nss-3.16.2.3-1.el5_11.ppc64.rpm nss-debuginfo-3.16.2.3-1.el5_11.ppc.rpm nss-debuginfo-3.16.2.3-1.el5_11.ppc64.rpm nss-devel-3.16.2.3-1.el5_11.ppc.rpm nss-devel-3.16.2.3-1.el5_11.ppc64.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.ppc.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.ppc64.rpm nss-tools-3.16.2.3-1.el5_11.ppc.rpm
s390x: nss-3.16.2.3-1.el5_11.s390.rpm nss-3.16.2.3-1.el5_11.s390x.rpm nss-debuginfo-3.16.2.3-1.el5_11.s390.rpm nss-debuginfo-3.16.2.3-1.el5_11.s390x.rpm nss-devel-3.16.2.3-1.el5_11.s390.rpm nss-devel-3.16.2.3-1.el5_11.s390x.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.s390.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.s390x.rpm nss-tools-3.16.2.3-1.el5_11.s390x.rpm
x86_64: nss-3.16.2.3-1.el5_11.i386.rpm nss-3.16.2.3-1.el5_11.x86_64.rpm nss-debuginfo-3.16.2.3-1.el5_11.i386.rpm nss-debuginfo-3.16.2.3-1.el5_11.x86_64.rpm nss-devel-3.16.2.3-1.el5_11.i386.rpm nss-devel-3.16.2.3-1.el5_11.x86_64.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpm nss-pkcs11-devel-3.16.2.3-1.el5_11.x86_64.rpm nss-tools-3.16.2.3-1.el5_11.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 6):
Source: nss-3.16.2.3-3.el6_6.src.rpm nss-util-3.16.2.3-2.el6_6.src.rpm
i386: nss-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-sysinit-3.16.2.3-3.el6_6.i686.rpm nss-tools-3.16.2.3-3.el6_6.i686.rpm nss-util-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm
x86_64: nss-3.16.2.3-3.el6_6.i686.rpm nss-3.16.2.3-3.el6_6.x86_64.rpm nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm nss-tools-3.16.2.3-3.el6_6.x86_64.rpm nss-util-3.16.2.3-2.el6_6.i686.rpm nss-util-3.16.2.3-2.el6_6.x86_64.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-devel-3.16.2.3-3.el6_6.i686.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-devel-3.16.2.3-2.el6_6.i686.rpm
x86_64: nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-devel-3.16.2.3-3.el6_6.i686.rpm nss-devel-3.16.2.3-3.el6_6.x86_64.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm nss-util-devel-3.16.2.3-2.el6_6.i686.rpm nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: nss-3.16.2.3-3.el6_6.src.rpm nss-util-3.16.2.3-2.el6_6.src.rpm
x86_64: nss-3.16.2.3-3.el6_6.i686.rpm nss-3.16.2.3-3.el6_6.x86_64.rpm nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm nss-tools-3.16.2.3-3.el6_6.x86_64.rpm nss-util-3.16.2.3-2.el6_6.i686.rpm nss-util-3.16.2.3-2.el6_6.x86_64.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-devel-3.16.2.3-3.el6_6.i686.rpm nss-devel-3.16.2.3-3.el6_6.x86_64.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm nss-util-devel-3.16.2.3-2.el6_6.i686.rpm nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: nss-3.16.2.3-3.el6_6.src.rpm nss-util-3.16.2.3-2.el6_6.src.rpm
i386: nss-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-devel-3.16.2.3-3.el6_6.i686.rpm nss-sysinit-3.16.2.3-3.el6_6.i686.rpm nss-tools-3.16.2.3-3.el6_6.i686.rpm nss-util-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-devel-3.16.2.3-2.el6_6.i686.rpm
ppc64: nss-3.16.2.3-3.el6_6.ppc.rpm nss-3.16.2.3-3.el6_6.ppc64.rpm nss-debuginfo-3.16.2.3-3.el6_6.ppc.rpm nss-debuginfo-3.16.2.3-3.el6_6.ppc64.rpm nss-devel-3.16.2.3-3.el6_6.ppc.rpm nss-devel-3.16.2.3-3.el6_6.ppc64.rpm nss-sysinit-3.16.2.3-3.el6_6.ppc64.rpm nss-tools-3.16.2.3-3.el6_6.ppc64.rpm nss-util-3.16.2.3-2.el6_6.ppc.rpm nss-util-3.16.2.3-2.el6_6.ppc64.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.ppc.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.ppc64.rpm nss-util-devel-3.16.2.3-2.el6_6.ppc.rpm nss-util-devel-3.16.2.3-2.el6_6.ppc64.rpm
s390x: nss-3.16.2.3-3.el6_6.s390.rpm nss-3.16.2.3-3.el6_6.s390x.rpm nss-debuginfo-3.16.2.3-3.el6_6.s390.rpm nss-debuginfo-3.16.2.3-3.el6_6.s390x.rpm nss-devel-3.16.2.3-3.el6_6.s390.rpm nss-devel-3.16.2.3-3.el6_6.s390x.rpm nss-sysinit-3.16.2.3-3.el6_6.s390x.rpm nss-tools-3.16.2.3-3.el6_6.s390x.rpm nss-util-3.16.2.3-2.el6_6.s390.rpm nss-util-3.16.2.3-2.el6_6.s390x.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.s390.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.s390x.rpm nss-util-devel-3.16.2.3-2.el6_6.s390.rpm nss-util-devel-3.16.2.3-2.el6_6.s390x.rpm
x86_64: nss-3.16.2.3-3.el6_6.i686.rpm nss-3.16.2.3-3.el6_6.x86_64.rpm nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-devel-3.16.2.3-3.el6_6.i686.rpm nss-devel-3.16.2.3-3.el6_6.x86_64.rpm nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm nss-tools-3.16.2.3-3.el6_6.x86_64.rpm nss-util-3.16.2.3-2.el6_6.i686.rpm nss-util-3.16.2.3-2.el6_6.x86_64.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm nss-util-devel-3.16.2.3-2.el6_6.i686.rpm nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm
ppc64: nss-debuginfo-3.16.2.3-3.el6_6.ppc.rpm nss-debuginfo-3.16.2.3-3.el6_6.ppc64.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.ppc.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.ppc64.rpm
s390x: nss-debuginfo-3.16.2.3-3.el6_6.s390.rpm nss-debuginfo-3.16.2.3-3.el6_6.s390x.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.s390.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.s390x.rpm
x86_64: nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: nss-3.16.2.3-3.el6_6.src.rpm nss-util-3.16.2.3-2.el6_6.src.rpm
i386: nss-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-devel-3.16.2.3-3.el6_6.i686.rpm nss-sysinit-3.16.2.3-3.el6_6.i686.rpm nss-tools-3.16.2.3-3.el6_6.i686.rpm nss-util-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-devel-3.16.2.3-2.el6_6.i686.rpm
x86_64: nss-3.16.2.3-3.el6_6.i686.rpm nss-3.16.2.3-3.el6_6.x86_64.rpm nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-devel-3.16.2.3-3.el6_6.i686.rpm nss-devel-3.16.2.3-3.el6_6.x86_64.rpm nss-sysinit-3.16.2.3-3.el6_6.x86_64.rpm nss-tools-3.16.2.3-3.el6_6.x86_64.rpm nss-util-3.16.2.3-2.el6_6.i686.rpm nss-util-3.16.2.3-2.el6_6.x86_64.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.i686.rpm nss-util-debuginfo-3.16.2.3-2.el6_6.x86_64.rpm nss-util-devel-3.16.2.3-2.el6_6.i686.rpm nss-util-devel-3.16.2.3-2.el6_6.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm
x86_64: nss-debuginfo-3.16.2.3-3.el6_6.i686.rpm nss-debuginfo-3.16.2.3-3.el6_6.x86_64.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm nss-pkcs11-devel-3.16.2.3-3.el6_6.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: nss-3.16.2.3-2.el7_0.src.rpm nss-softokn-3.16.2.3-1.el7_0.src.rpm nss-util-3.16.2.3-1.el7_0.src.rpm
x86_64: nss-3.16.2.3-2.el7_0.i686.rpm nss-3.16.2.3-2.el7_0.x86_64.rpm nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-softokn-3.16.2.3-1.el7_0.i686.rpm nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm nss-tools-3.16.2.3-2.el7_0.x86_64.rpm nss-util-3.16.2.3-1.el7_0.i686.rpm nss-util-3.16.2.3-1.el7_0.x86_64.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-devel-3.16.2.3-2.el7_0.i686.rpm nss-devel-3.16.2.3-2.el7_0.x86_64.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-util-devel-3.16.2.3-1.el7_0.i686.rpm nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: nss-3.16.2.3-2.el7_0.src.rpm nss-softokn-3.16.2.3-1.el7_0.src.rpm nss-util-3.16.2.3-1.el7_0.src.rpm
x86_64: nss-3.16.2.3-2.el7_0.i686.rpm nss-3.16.2.3-2.el7_0.x86_64.rpm nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-softokn-3.16.2.3-1.el7_0.i686.rpm nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm nss-tools-3.16.2.3-2.el7_0.x86_64.rpm nss-util-3.16.2.3-1.el7_0.i686.rpm nss-util-3.16.2.3-1.el7_0.x86_64.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-devel-3.16.2.3-2.el7_0.i686.rpm nss-devel-3.16.2.3-2.el7_0.x86_64.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-util-devel-3.16.2.3-1.el7_0.i686.rpm nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: nss-3.16.2.3-2.el7_0.src.rpm nss-softokn-3.16.2.3-1.el7_0.src.rpm nss-util-3.16.2.3-1.el7_0.src.rpm
ppc64: nss-3.16.2.3-2.el7_0.ppc.rpm nss-3.16.2.3-2.el7_0.ppc64.rpm nss-debuginfo-3.16.2.3-2.el7_0.ppc.rpm nss-debuginfo-3.16.2.3-2.el7_0.ppc64.rpm nss-devel-3.16.2.3-2.el7_0.ppc.rpm nss-devel-3.16.2.3-2.el7_0.ppc64.rpm nss-softokn-3.16.2.3-1.el7_0.ppc.rpm nss-softokn-3.16.2.3-1.el7_0.ppc64.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.ppc.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.ppc64.rpm nss-softokn-devel-3.16.2.3-1.el7_0.ppc.rpm nss-softokn-devel-3.16.2.3-1.el7_0.ppc64.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.ppc.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.ppc64.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.ppc.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.ppc64.rpm nss-sysinit-3.16.2.3-2.el7_0.ppc64.rpm nss-tools-3.16.2.3-2.el7_0.ppc64.rpm nss-util-3.16.2.3-1.el7_0.ppc.rpm nss-util-3.16.2.3-1.el7_0.ppc64.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.ppc.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.ppc64.rpm nss-util-devel-3.16.2.3-1.el7_0.ppc.rpm nss-util-devel-3.16.2.3-1.el7_0.ppc64.rpm
s390x: nss-3.16.2.3-2.el7_0.s390.rpm nss-3.16.2.3-2.el7_0.s390x.rpm nss-debuginfo-3.16.2.3-2.el7_0.s390.rpm nss-debuginfo-3.16.2.3-2.el7_0.s390x.rpm nss-devel-3.16.2.3-2.el7_0.s390.rpm nss-devel-3.16.2.3-2.el7_0.s390x.rpm nss-softokn-3.16.2.3-1.el7_0.s390.rpm nss-softokn-3.16.2.3-1.el7_0.s390x.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.s390.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.s390x.rpm nss-softokn-devel-3.16.2.3-1.el7_0.s390.rpm nss-softokn-devel-3.16.2.3-1.el7_0.s390x.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.s390.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.s390x.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.s390.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.s390x.rpm nss-sysinit-3.16.2.3-2.el7_0.s390x.rpm nss-tools-3.16.2.3-2.el7_0.s390x.rpm nss-util-3.16.2.3-1.el7_0.s390.rpm nss-util-3.16.2.3-1.el7_0.s390x.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.s390.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.s390x.rpm nss-util-devel-3.16.2.3-1.el7_0.s390.rpm nss-util-devel-3.16.2.3-1.el7_0.s390x.rpm
x86_64: nss-3.16.2.3-2.el7_0.i686.rpm nss-3.16.2.3-2.el7_0.x86_64.rpm nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-devel-3.16.2.3-2.el7_0.i686.rpm nss-devel-3.16.2.3-2.el7_0.x86_64.rpm nss-softokn-3.16.2.3-1.el7_0.i686.rpm nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm nss-tools-3.16.2.3-2.el7_0.x86_64.rpm nss-util-3.16.2.3-1.el7_0.i686.rpm nss-util-3.16.2.3-1.el7_0.x86_64.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-util-devel-3.16.2.3-1.el7_0.i686.rpm nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: nss-debuginfo-3.16.2.3-2.el7_0.ppc.rpm nss-debuginfo-3.16.2.3-2.el7_0.ppc64.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.ppc.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.ppc64.rpm
s390x: nss-debuginfo-3.16.2.3-2.el7_0.s390.rpm nss-debuginfo-3.16.2.3-2.el7_0.s390x.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.s390.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.s390x.rpm
x86_64: nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: nss-3.16.2.3-2.el7_0.src.rpm nss-softokn-3.16.2.3-1.el7_0.src.rpm nss-util-3.16.2.3-1.el7_0.src.rpm
x86_64: nss-3.16.2.3-2.el7_0.i686.rpm nss-3.16.2.3-2.el7_0.x86_64.rpm nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-devel-3.16.2.3-2.el7_0.i686.rpm nss-devel-3.16.2.3-2.el7_0.x86_64.rpm nss-softokn-3.16.2.3-1.el7_0.i686.rpm nss-softokn-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-softokn-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-3.16.2.3-1.el7_0.x86_64.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.i686.rpm nss-softokn-freebl-devel-3.16.2.3-1.el7_0.x86_64.rpm nss-sysinit-3.16.2.3-2.el7_0.x86_64.rpm nss-tools-3.16.2.3-2.el7_0.x86_64.rpm nss-util-3.16.2.3-1.el7_0.i686.rpm nss-util-3.16.2.3-1.el7_0.x86_64.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.i686.rpm nss-util-debuginfo-3.16.2.3-1.el7_0.x86_64.rpm nss-util-devel-3.16.2.3-1.el7_0.i686.rpm nss-util-devel-3.16.2.3-1.el7_0.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: nss-debuginfo-3.16.2.3-2.el7_0.i686.rpm nss-debuginfo-3.16.2.3-2.el7_0.x86_64.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.i686.rpm nss-pkcs11-devel-3.16.2.3-2.el7_0.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2014:1948-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2014:1948.html
Issued Date: : 2014-12-02

Topic

Updated nss, nss-util, and nss-softokn packages that contain a patch tomitigate the CVE-2014-3566 issue, fix a number of bugs, and add variousenhancements are now available for Red Hat Enterprise Linux 5, 6, and 7.Red Hat Product Security has rated this update as having Important security impact.


Topic


 

Relevant Releases Architectures

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Red Hat Enterprise Linux Client (v. 7) - x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64

Red Hat Enterprise Linux HPC Node (v. 6) - x86_64

Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64

Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64

Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64

Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - x86_64

Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64


Bugs Fixed

1152789 - CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack

1158159 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 [rhel-5.11.z]

1165003 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 [rhel-6.6.Z]

1165525 - Upgrade to NSS 3.16.2.3 for Firefox 31.3 [rhel-7.0.Z]


Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved