Scientific Linux: SLSA-2014:1307-1 Critical: NSS ASN.1 Issue

Sep 26, 2014 •

LinuxSecurity Advisories

2 - 4 min read

Scientific Large Esm H500

Topics Covered

security advisory security update critical threat important security issue SL5 distribution SL6 distribution nss software

Important: nss security update

Date: Fri, 26 Sep 2014 13:29:51 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: nss on SL5.x, SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: nss security update
Advisory ID: SLSA-2014:1307-1
Issue Date: 2014-09-26
CVE Numbers: CVE-2014-1568
--

A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation
One) input from certain RSA signatures. A remote attacker could use this
flaw to forge RSA certificates by providing a specially crafted signature
to an application using NSS. (CVE-2014-1568)

After installing this update, applications using NSS must be restarted for
this update to take effect.
--

SL5
 x86_64
 nss-3.16.1-4.el5_11.i386.rpm
 nss-3.16.1-4.el5_11.x86_64.rpm
 nss-debuginfo-3.16.1-4.el5_11.i386.rpm
 nss-debuginfo-3.16.1-4.el5_11.x86_64.rpm
 nss-tools-3.16.1-4.el5_11.x86_64.rpm
 nss-devel-3.16.1-4.el5_11.i386.rpm
 nss-devel-3.16.1-4.el5_11.x86_64.rpm
 nss-pkcs11-devel-3.16.1-4.el5_11.i386.rpm
 nss-pkcs11-devel-3.16.1-4.el5_11.x86_64.rpm
 i386
 nss-3.16.1-4.el5_11.i386.rpm
 nss-debuginfo-3.16.1-4.el5_11.i386.rpm
 nss-tools-3.16.1-4.el5_11.i386.rpm
 nss-devel-3.16.1-4.el5_11.i386.rpm
 nss-pkcs11-devel-3.16.1-4.el5_11.i386.rpm
SL6
 x86_64
 nss-3.16.1-7.el6_5.i686.rpm
 nss-3.16.1-7.el6_5.x86_64.rpm
 nss-debuginfo-3.16.1-7.el6_5.i686.rpm
 nss-debuginfo-3.16.1-7.el6_5.x86_64.rpm
 nss-softokn-3.14.3-12.el6_5.i686.rpm
 nss-softokn-3.14.3-12.el6_5.x86_64.rpm
 nss-softokn-debuginfo-3.14.3-12.el6_5.i686.rpm
 nss-softokn-debuginfo-3.14.3-12.el6_5.x86_64.rpm
 nss-softokn-freebl-3.14.3-12.el6_5.i686.rpm
 nss-softokn-freebl-3.14.3-12.el6_5.x86_64.rpm
 nss-sysinit-3.16.1-7.el6_5.x86_64.rpm
 nss-tools-3.16.1-7.el6_5.x86_64.rpm
 nss-util-3.16.1-2.el6_5.i686.rpm
 nss-util-3.16.1-2.el6_5.x86_64.rpm
 nss-util-debuginfo-3.16.1-2.el6_5.i686.rpm
 nss-util-debuginfo-3.16.1-2.el6_5.x86_64.rpm
 nss-devel-3.16.1-7.el6_5.i686.rpm
 nss-devel-3.16.1-7.el6_5.x86_64.rpm
 nss-pkcs11-devel-3.16.1-7.el6_5.i686.rpm
 nss-pkcs11-devel-3.16.1-7.el6_5.x86_64.rpm
 nss-softokn-devel-3.14.3-12.el6_5.i686.rpm
 nss-softokn-devel-3.14.3-12.el6_5.x86_64.rpm
 nss-softokn-freebl-devel-3.14.3-12.el6_5.i686.rpm
 nss-softokn-freebl-devel-3.14.3-12.el6_5.x86_64.rpm
 nss-util-devel-3.16.1-2.el6_5.i686.rpm
 nss-util-devel-3.16.1-2.el6_5.x86_64.rpm
 i386
 nss-3.16.1-7.el6_5.i686.rpm
 nss-debuginfo-3.16.1-7.el6_5.i686.rpm
 nss-softokn-3.14.3-12.el6_5.i686.rpm
 nss-softokn-debuginfo-3.14.3-12.el6_5.i686.rpm
 nss-softokn-freebl-3.14.3-12.el6_5.i686.rpm
 nss-sysinit-3.16.1-7.el6_5.i686.rpm
 nss-tools-3.16.1-7.el6_5.i686.rpm
 nss-util-3.16.1-2.el6_5.i686.rpm
 nss-util-debuginfo-3.16.1-2.el6_5.i686.rpm
 nss-devel-3.16.1-7.el6_5.i686.rpm
 nss-pkcs11-devel-3.16.1-7.el6_5.i686.rpm
 nss-softokn-devel-3.14.3-12.el6_5.i686.rpm
 nss-softokn-freebl-devel-3.14.3-12.el6_5.i686.rpm
 nss-util-devel-3.16.1-2.el6_5.i686.rpm

- Scientific Linux Development Team

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here