Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Scientific Linux: Crucial NSS and NSPR Security Patches Released

Scientific Large Esm H446
Important: nss and nspr security, bug fix, and
Date: Fri, 1 Feb 2013 09:47:43 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Important: nss and nspr on SL5.x i386/x86_64

Synopsis: Important: nss and nspr security, bug fix, and
enhancement update
Issue Date: 2013-01-31
CVE Numbers: None
--

It was found that a Certificate Authority (CA) mis-issued two intermediate
certificates to customers. These certificates could be used to launch
man-in-the-middle attacks. This update renders those certificates as untrusted.
This covers all uses of the certificates, including SSL, S/MIME, and code
signing.

In addition, the nss package has been upgraded to upstream version
3.13.6, and the nspr package has been upgraded to upstream version 4.9.2. These updates
provide a number of bug fixes and enhancements over the previous versions.

After installing the update, applications using NSS and NSPR must be
restarted for the changes to take effect.
--

SL5
 x86_64
 nspr-4.9.2-2.el5_9.i386.rpm
 nspr-4.9.2-2.el5_9.x86_64.rpm
 nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
 nspr-debuginfo-4.9.2-2.el5_9.x86_64.rpm
 nss-3.13.6-3.el5_9.i386.rpm
 nss-3.13.6-3.el5_9.x86_64.rpm
 nss-debuginfo-3.13.6-3.el5_9.i386.rpm
 nss-debuginfo-3.13.6-3.el5_9.x86_64.rpm
 nss-tools-3.13.6-3.el5_9.x86_64.rpm
 nspr-devel-4.9.2-2.el5_9.i386.rpm
 nspr-devel-4.9.2-2.el5_9.x86_64.rpm
 nss-devel-3.13.6-3.el5_9.i386.rpm
 nss-devel-3.13.6-3.el5_9.x86_64.rpm
 nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
 nss-pkcs11-devel-3.13.6-3.el5_9.x86_64.rpm
 i386
 nspr-4.9.2-2.el5_9.i386.rpm
 nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
 nss-3.13.6-3.el5_9.i386.rpm
 nss-debuginfo-3.13.6-3.el5_9.i386.rpm
 nss-tools-3.13.6-3.el5_9.i386.rpm
 nspr-devel-4.9.2-2.el5_9.i386.rpm
 nss-devel-3.13.6-3.el5_9.i386.rpm
 nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm

- Scientific Linux Development Team
Your message here