 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 1 Feb 2013 09:47:43 -0600 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Important: nss and nspr security, bug fix, and
enhancement update
Issue Date: 2013-01-31
CVE Numbers: None
--
It was found that a Certificate Authority (CA) mis-issued two intermediate
certificates to customers. These certificates could be used to launch
man-in-
the-middle attacks. This update renders those certificates as untrusted.
This
covers all uses of the certificates, including SSL, S/MIME, and code
signing.
In addition, the nss package has been upgraded to upstream version
3.13.6, and
the nspr package has been upgraded to upstream version 4.9.2. These updates
provide a number of bug fixes and enhancements over the previous versions.
After installing the update, applications using NSS and NSPR must be
restarted
for the changes to take effect.
--
SL5
x86_64
nspr-4.9.2-2.el5_9.i386.rpm
nspr-4.9.2-2.el5_9.x86_64.rpm
nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
nspr-debuginfo-4.9.2-2.el5_9.x86_64.rpm
nss-3.13.6-3.el5_9.i386.rpm
nss-3.13.6-3.el5_9.x86_64.rpm
nss-debuginfo-3.13.6-3.el5_9.i386.rpm
nss-debuginfo-3.13.6-3.el5_9.x86_64.rpm
nss-tools-3.13.6-3.el5_9.x86_64.rpm
nspr-devel-4.9.2-2.el5_9.i386.rpm
nspr-devel-4.9.2-2.el5_9.x86_64.rpm
nss-devel-3.13.6-3.el5_9.i386.rpm
nss-devel-3.13.6-3.el5_9.x86_64.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.x86_64.rpm
i386
nspr-4.9.2-2.el5_9.i386.rpm
nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
nss-3.13.6-3.el5_9.i386.rpm
nss-debuginfo-3.13.6-3.el5_9.i386.rpm
nss-tools-3.13.6-3.el5_9.i386.rpm
nspr-devel-4.9.2-2.el5_9.i386.rpm
nss-devel-3.13.6-3.el5_9.i386.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
- Scientific Linux Development Team
|
|
|
