Synopsis: Low: nss security update Issue date: 2010-11-10 CVE Names: CVE-2010-3170 A flaw was found in the way NSS matched SSL certificates when the certificates had a Common Name containing a wildcard and a partial IP address. NSS incorrectly accepted connections to IP addresses that fell within the SSL certificate's wildcard range as valid SSL connections, possibly allowing an attacker to conduct a man-in-the-middle attack. (CVE-2010-3170) After installing the update, applications using NSS must be restarted for the changes to take effect. SL 6.x SRPMS: nss-3.12.8-1.el6_0.src.rpm nss-softokn-3.12.8-1.el6_0.src.rpm nss-util-3.12.8-1.el6_0.src.rpm i386: nss-3.12.8-1.el6_0.0.sl6.i686.rpm nss-devel-3.12.8-1.el6_0.0.sl6.i686.rpm nss-pkcs11-devel-3.12.8-1.el6_0.0.sl6.i686.rpm nss-softokn-3.12.8-1.el6_0.i686.rpm nss-softokn-devel-3.12.8-1.el6_0.i686.rpm nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm nss-sysinit-3.12.8-1.el6_0.0.sl6.i686.rpm nss-tools-3.12.8-1.el6_0.0.sl6.i686.rpm nss-util-3.12.8-1.el6_0.i686.rpm nss-util-devel-3.12.8-1.el6_0.i686.rpm x86_64: nss-3.12.8-1.el6_0.0.sl6.i686.rpm nss-3.12.8-1.el6_0.0.sl6.x86_64.rpm nss-devel-3.12.8-1.el6_0.0.sl6.i686.rpm nss-devel-3.12.8-1.el6_0.0.sl6.x86_64.rpm nss-pkcs11-devel-3.12.8-1.el6_0.0.sl6.i686.rpm nss-pkcs11-devel-3.12.8-1.el6_0.0.sl6.x86_64.rpm nss-softokn-3.12.8-1.el6_0.i686.rpm nss-softokn-3.12.8-1.el6_0.x86_64.rpm nss-softokn-devel-3.12.8-1.el6_0.i686.rpm nss-softokn-devel-3.12.8-1.el6_0.x86_64.rpm nss-softokn-freebl-3.12.8-1.el6_0.i686.rpm nss-softokn-freebl-3.12.8-1.el6_0.x86_64.rpm nss-sysinit-3.12.8-1.el6_0.0.sl6.x86_64.rpm nss-tools-3.12.8-1.el6_0.0.sl6.x86_64.rpm nss-util-3.12.8-1.el6_0.i686.rpm nss-util-3.12.8-1.el6_0.x86_64.rpm nss-util-devel-3.12.8-1.el6_0.i686.rpm nss-util-devel-3.12.8-1.el6_0.x86_64.rpm -Connie Sieh -Troy Dawson