 
| Sender: |
|
| Date: |
Fri, 1 Feb 2013 09:47:43 -0600 |
| Reply-To: |
|
| Subject: |
|
| MIME-Version: |
1.0 |
| Content-Transfer-Encoding: |
7bit |
| Content-Type: |
text/plain; charset="UTF-8"; format=flowed |
| Organization: |
Fermilab |
| From: |
|
| Parts/Attachments: |
|
|
Synopsis: Important: nss and nspr security, bug fix, and
enhancement update
Issue Date: 2013-01-31
CVE Numbers: None
--
It was found that a Certificate Authority (CA) mis-issued two intermediate
certificates to customers. These certificates could be used to launch
man-in-
the-middle attacks. This update renders those certificates as untrusted.
This
covers all uses of the certificates, including SSL, S/MIME, and code
signing.
In addition, the nss package has been upgraded to upstream version
3.13.6, and
the nspr package has been upgraded to upstream version 4.9.2. These updates
provide a number of bug fixes and enhancements over the previous versions.
After installing the update, applications using NSS and NSPR must be
restarted
for the changes to take effect.
--
SL5
x86_64
nspr-4.9.2-2.el5_9.i386.rpm
nspr-4.9.2-2.el5_9.x86_64.rpm
nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
nspr-debuginfo-4.9.2-2.el5_9.x86_64.rpm
nss-3.13.6-3.el5_9.i386.rpm
nss-3.13.6-3.el5_9.x86_64.rpm
nss-debuginfo-3.13.6-3.el5_9.i386.rpm
nss-debuginfo-3.13.6-3.el5_9.x86_64.rpm
nss-tools-3.13.6-3.el5_9.x86_64.rpm
nspr-devel-4.9.2-2.el5_9.i386.rpm
nspr-devel-4.9.2-2.el5_9.x86_64.rpm
nss-devel-3.13.6-3.el5_9.i386.rpm
nss-devel-3.13.6-3.el5_9.x86_64.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.x86_64.rpm
i386
nspr-4.9.2-2.el5_9.i386.rpm
nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
nss-3.13.6-3.el5_9.i386.rpm
nss-debuginfo-3.13.6-3.el5_9.i386.rpm
nss-tools-3.13.6-3.el5_9.i386.rpm
nspr-devel-4.9.2-2.el5_9.i386.rpm
nss-devel-3.13.6-3.el5_9.i386.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
- Scientific Linux Development Team
|
|
|
