Synopsis: Important: nss security update Advisory ID: SLSA-2017:2832-1 Issue Date: 2017-09-29 CVE Numbers: CVE-2017-7805 -- Security Fix(es): * A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805) -- SL6 x86_64 nss-3.28.4-4.el6_9.i686.rpm nss-3.28.4-4.el6_9.x86_64.rpm nss-debuginfo-3.28.4-4.el6_9.i686.rpm nss-debuginfo-3.28.4-4.el6_9.x86_64.rpm nss-sysinit-3.28.4-4.el6_9.x86_64.rpm nss-tools-3.28.4-4.el6_9.x86_64.rpm nss-devel-3.28.4-4.el6_9.i686.rpm nss-devel-3.28.4-4.el6_9.x86_64.rpm nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm nss-pkcs11-devel-3.28.4-4.el6_9.x86_64.rpm i386 nss-3.28.4-4.el6_9.i686.rpm nss-debuginfo-3.28.4-4.el6_9.i686.rpm nss-sysinit-3.28.4-4.el6_9.i686.rpm nss-tools-3.28.4-4.el6_9.i686.rpm nss-devel-3.28.4-4.el6_9.i686.rpm nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm SL7 x86_64 nss-3.28.4-12.el7_4.i686.rpm nss-3.28.4-12.el7_4.x86_64.rpm nss-debuginfo-3.28.4-12.el7_4.i686.rpm nss-debuginfo-3.28.4-12.el7_4.x86_64.rpm nss-sysinit-3.28.4-12.el7_4.x86_64.rpm nss-tools-3.28.4-12.el7_4.x86_64.rpm nss-devel-3.28.4-12.el7_4.i686.rpm nss-devel-3.28.4-12.el7_4.x86_64.rpm nss-pkcs11-devel-3.28.4-12.el7_4.i686.rpm nss-pkcs11-devel-3.28.4-12.el7_4.x86_64.rpm - Scientific Linux Development Team