Date: Mon, 29 Jun 2015 22:39:44 +0000
Reply-To: scientific-linux-users@listserv.fnal.gov
Sender: Security Errata for Scientific Linux
From: Connie Sieh
Subject: Security ERRATA Moderate: nss on SL6.x, SL7.x i386/x86_64
MIME-Version: 1.0
Message-ID: <20150629223944.11216.37872@slpackages.fnal.gov>
Synopsis: Moderate: nss security update
Advisory ID: SLSA-2015:1185-1
Issue Date: 2015-06-25
CVE Numbers: CVE-2015-4000
--
A flaw was found in the way the TLS protocol composes the Diffie-Hellman
(DH) key exchange. A man-in-the-middle attacker could use this flaw to
force the use of weak 512 bit export-grade keys during the key exchange,
allowing them do decrypt all traffic. (CVE-2015-4000)
Note: This update forces the TLS/SSL client implementation in NSS to
reject DH key sizes below 768 bits, which prevents sessions to be
downgraded to export-grade keys. Future updates may raise this limit to
1024 bits.
The nss and nss-util packages have been upgraded to upstream versions
3.19.1. The upgraded versions provide a number of bug fixes and
enhancements over the previous versions.
--
SL6
x86_64
nss-3.19.1-3.el6_6.i686.rpm
nss-3.19.1-3.el6_6.x86_64.rpm
nss-debuginfo-3.19.1-3.el6_6.i686.rpm
nss-debuginfo-3.19.1-3.el6_6.x86_64.rpm
nss-sysinit-3.19.1-3.el6_6.x86_64.rpm
nss-tools-3.19.1-3.el6_6.x86_64.rpm
nss-util-3.19.1-1.el6_6.i686.rpm
nss-util-3.19.1-1.el6_6.x86_64.rpm
nss-util-debuginfo-3.19.1-1.el6_6.i686.rpm
nss-util-debuginfo-3.19.1-1.el6_6.x86_64.rpm
nss-devel-3.19.1-3.el6_6.i686.rpm
nss-devel-3.19.1-3.el6_6.x86_64.rpm
nss-pkcs11-devel-3.19.1-3.el6_6.i686.rpm
nss-pkcs11-devel-3.19.1-3.el6_6.x86_64.rpm
nss-util-devel-3.19.1-1.el6_6.i686.rpm
nss-util-devel-3.19.1-1.el6_6.x86_64.rpm
i386
nss-3.19.1-3.el6_6.i686.rpm
nss-debuginfo-3.19.1-3.el6_6.i686.rpm
nss-sysinit-3.19.1-3.el6_6.i686.rpm
nss-tools-3.19.1-3.el6_6.i686.rpm
nss-util-3.19.1-1.el6_6.i686.rpm
nss-util-debuginfo-3.19.1-1.el6_6.i686.rpm
nss-devel-3.19.1-3.el6_6.i686.rpm
nss-pkcs11-devel-3.19.1-3.el6_6.i686.rpm
nss-util-devel-3.19.1-1.el6_6.i686.rpm
SL7
x86_64
nss-3.19.1-3.el7_1.i686.rpm
nss-3.19.1-3.el7_1.x86_64.rpm
nss-debuginfo-3.19.1-3.el7_1.i686.rpm
nss-debuginfo-3.19.1-3.el7_1.x86_64.rpm
nss-sysinit-3.19.1-3.el7_1.x86_64.rpm
nss-tools-3.19.1-3.el7_1.x86_64.rpm
nss-util-3.19.1-1.el7_1.i686.rpm
nss-util-3.19.1-1.el7_1.x86_64.rpm
nss-util-debuginfo-3.19.1-1.el7_1.i686.rpm
nss-util-debuginfo-3.19.1-1.el7_1.x86_64.rpm
nss-devel-3.19.1-3.el7_1.i686.rpm
nss-devel-3.19.1-3.el7_1.x86_64.rpm
nss-pkcs11-devel-3.19.1-3.el7_1.i686.rpm
nss-pkcs11-devel-3.19.1-3.el7_1.x86_64.rpm
nss-util-devel-3.19.1-1.el7_1.i686.rpm
nss-util-devel-3.19.1-1.el7_1.x86_64.rpm
- Scientific Linux Development Team
SciLinux: CVE-2015-4000 Moderate: nss SL6.x, SL7.x i386/x86_64
Moderate: nss security update
Summary
Moderate: nss security update
Security Fixes
Severity
Advisory ID: SLSA-2015:1185-1
Issued Date: : 2015-06-25
CVE Numbers: CVE-2015-4000
A flaw was found in the way the TLS protocol composes the Diffie-Hellman
News
HOWTOs
Features
About Us
Powered By
