
Scientific Linux: SLSA-2016:2779-1 Moderate: nss Util Flaws

Moderate: nss and nss-util security update
Date: Thu, 10 Nov 2016 10:20:59 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Discontinuing Software Collections for Scientific Linux
Comments: To: scientific-linux-announce@
MIME-Version: 1.0
Message-ID: <9d514c33-c30b-4ea6-011a-2f2dc558b544@fnal.gov>

When Scientific Linux started building the Software Collection Library
and Developer Toolset, these packages were not freely distributed.

The upstream packages and more can now be obtained from
softwarecollections.org.

With this in mind, we will be discontinuing the Scientific Linux
Software Collections. As a part of this process we will:
- archive the existing RPMS
- provide a new yum-conf-softwarecollections which points to the
SoftwareCollections.org repo

The new yum-conf-softwarecollections rpms are available now.

Users of the yum-conf-softwarecollections rpms can upgrade to the latest
version by running 'yum update yum-conf-softwarecollections'.

Archiving the Scientific Linux Software Collections is scheduled for Nov
28 2016.
Date: Mon, 21 Nov 2016 18:19:39 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: nss and nss-util on SL5.x, SL6.x,
 SL7.x i386/x86_64
MIME-Version: 1.0
Message-ID: <20161121181939.31603.79596@slpackages.fnal.gov>

Synopsis: Moderate: nss and nss-util security update
Advisory ID: SLSA-2016:2779-1
Issue Date: 2016-11-16
CVE Numbers: CVE-2016-2834
 CVE-2016-5285
 CVE-2016-8635
--

The nss-util packages provide utilities for use with the Network Security
Services (NSS) libraries.

The following packages have been upgraded to a newer upstream version: nss
(3.12.3), nss-util (3.12.3).

Security Fix(es):

* Multiple buffer handling flaws were found in the way NSS handled
cryptographic data from the network. A remote attacker could use these
flaws to crash an application using NSS or, possibly, execute arbitrary
code with the permission of the user running the application.
(CVE-2016-2834)

* A NULL pointer dereference flaw was found in the way NSS handled invalid
Diffie-Hellman keys. A remote client could use this flaw to crash a
TLS/SSL server using NSS. (CVE-2016-5285)

* It was found that Diffie Hellman Client key exchange handling in NSS was
vulnerable to a small subgroup confinement attack. An attacker could use
this flaw to recover private keys by confining the client DH key to a small
subgroup of the desired group. (CVE-2016-8635)
--

SL5
 x86_64
 nss-3.21.3-2.el5_11.i386.rpm
 nss-3.21.3-2.el5_11.x86_64.rpm
 nss-debuginfo-3.21.3-2.el5_11.i386.rpm
 nss-debuginfo-3.21.3-2.el5_11.x86_64.rpm
 nss-tools-3.21.3-2.el5_11.x86_64.rpm
 nss-devel-3.21.3-2.el5_11.i386.rpm
 nss-devel-3.21.3-2.el5_11.x86_64.rpm
 nss-pkcs11-devel-3.21.3-2.el5_11.i386.rpm
 nss-pkcs11-devel-3.21.3-2.el5_11.x86_64.rpm
 i386
 nss-3.21.3-2.el5_11.i386.rpm
 nss-debuginfo-3.21.3-2.el5_11.i386.rpm
 nss-tools-3.21.3-2.el5_11.i386.rpm
 nss-devel-3.21.3-2.el5_11.i386.rpm
 nss-pkcs11-devel-3.21.3-2.el5_11.i386.rpm
SL6
 x86_64
 nss-3.21.3-2.el6_8.i686.rpm
 nss-3.21.3-2.el6_8.x86_64.rpm
 nss-debuginfo-3.21.3-2.el6_8.i686.rpm
 nss-debuginfo-3.21.3-2.el6_8.x86_64.rpm
 nss-sysinit-3.21.3-2.el6_8.x86_64.rpm
 nss-tools-3.21.3-2.el6_8.x86_64.rpm
 nss-util-3.21.3-1.el6_8.i686.rpm
 nss-util-3.21.3-1.el6_8.x86_64.rpm
 nss-util-debuginfo-3.21.3-1.el6_8.i686.rpm
 nss-util-debuginfo-3.21.3-1.el6_8.x86_64.rpm
 nss-devel-3.21.3-2.el6_8.i686.rpm
 nss-devel-3.21.3-2.el6_8.x86_64.rpm
 nss-pkcs11-devel-3.21.3-2.el6_8.i686.rpm
 nss-pkcs11-devel-3.21.3-2.el6_8.x86_64.rpm
 nss-util-devel-3.21.3-1.el6_8.i686.rpm
 nss-util-devel-3.21.3-1.el6_8.x86_64.rpm
 i386
 nss-3.21.3-2.el6_8.i686.rpm
 nss-debuginfo-3.21.3-2.el6_8.i686.rpm
 nss-sysinit-3.21.3-2.el6_8.i686.rpm
 nss-tools-3.21.3-2.el6_8.i686.rpm
 nss-util-3.21.3-1.el6_8.i686.rpm
 nss-util-debuginfo-3.21.3-1.el6_8.i686.rpm
 nss-devel-3.21.3-2.el6_8.i686.rpm
 nss-pkcs11-devel-3.21.3-2.el6_8.i686.rpm
 nss-util-devel-3.21.3-1.el6_8.i686.rpm
SL7
 x86_64
 nss-3.21.3-2.el7_3.i686.rpm
 nss-3.21.3-2.el7_3.x86_64.rpm
 nss-debuginfo-3.21.3-2.el7_3.i686.rpm
 nss-debuginfo-3.21.3-2.el7_3.x86_64.rpm
 nss-sysinit-3.21.3-2.el7_3.x86_64.rpm
 nss-tools-3.21.3-2.el7_3.x86_64.rpm
 nss-util-3.21.3-1.1.el7_3.i686.rpm
 nss-util-3.21.3-1.1.el7_3.x86_64.rpm
 nss-util-debuginfo-3.21.3-1.1.el7_3.i686.rpm
 nss-util-debuginfo-3.21.3-1.1.el7_3.x86_64.rpm
 nss-devel-3.21.3-2.el7_3.i686.rpm
 nss-devel-3.21.3-2.el7_3.x86_64.rpm
 nss-pkcs11-devel-3.21.3-2.el7_3.i686.rpm
 nss-pkcs11-devel-3.21.3-2.el7_3.x86_64.rpm
 nss-util-devel-3.21.3-1.1.el7_3.i686.rpm
 nss-util-devel-3.21.3-1.1.el7_3.x86_64.rpm

- Scientific Linux Development Team
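
A way to check a host against the fixed builds in the package lists above, as an added example that is not part of the advisory. It compares `rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' nss nss-util` output with those builds using a simplified RPM version comparison (an assumption: no epoch or tilde handling); the sample input is constructed.

```python
import re

# Fixed builds copied from the SL5/SL6/SL7 package lists in the advisory.
FIXED = {
    "el5": {"nss": "3.21.3-2.el5_11"},
    "el6": {"nss": "3.21.3-2.el6_8", "nss-util": "3.21.3-1.el6_8"},
    "el7": {"nss": "3.21.3-2.el7_3", "nss-util": "3.21.3-1.1.el7_3"},
}

def vercmp(a, b):
    """Simplified rpmvercmp: compare runs of digits/letters, ignore separators."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare two 'version-release' strings; version first, then release."""
    (va, ra), (vb, rb) = a.split("-", 1), b.split("-", 1)
    return vercmp(va, vb) or vercmp(ra, rb)

def audit(rpm_output):
    """Return [(name, installed, fixed, patched)] for each recognised line."""
    results = []
    for line in rpm_output.strip().splitlines():
        name, evr = line.split()
        dist = re.search(r"\.(el\d+)", evr)    # el5 / el6 / el7 from the release
        fixed = FIXED.get(dist.group(1) if dist else "", {}).get(name)
        if fixed:
            results.append((name, evr, fixed, evr_cmp(evr, fixed) >= 0))
    return results

# Constructed sample of the rpm query output on an SL6 host.
SAMPLE = """\
nss 3.21.0-9.el6_8
nss-util 3.21.3-1.el6_8
"""

if __name__ == "__main__":
    for name, installed, fixed, ok in audit(SAMPLE):
        print(f"{name}: {installed} (fixed in {fixed}) -> {'ok' if ok else 'UPDATE'}")
```

Subpackages such as nss-tools or nss-devel follow the nss build and can be added to the table in the same way.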
