Synopsis:          Moderate: nss security update
Advisory ID:       SLSA-2018:2898-1
Issue Date:        2018-10-09
CVE Numbers:       CVE-2018-12384
--

Security Fix(es):

* nss: ServerHello.random is all zeros when handling a v2-compatible
ClientHello (CVE-2018-12384)
--

SL6
  x86_64
    nss-3.36.0-9.el6_10.i686.rpm
    nss-3.36.0-9.el6_10.x86_64.rpm
    nss-debuginfo-3.36.0-9.el6_10.i686.rpm
    nss-debuginfo-3.36.0-9.el6_10.x86_64.rpm
    nss-sysinit-3.36.0-9.el6_10.x86_64.rpm
    nss-tools-3.36.0-9.el6_10.x86_64.rpm
    nss-devel-3.36.0-9.el6_10.i686.rpm
    nss-devel-3.36.0-9.el6_10.x86_64.rpm
    nss-pkcs11-devel-3.36.0-9.el6_10.i686.rpm
    nss-pkcs11-devel-3.36.0-9.el6_10.x86_64.rpm
  i386
    nss-3.36.0-9.el6_10.i686.rpm
    nss-debuginfo-3.36.0-9.el6_10.i686.rpm
    nss-sysinit-3.36.0-9.el6_10.i686.rpm
    nss-tools-3.36.0-9.el6_10.i686.rpm
    nss-devel-3.36.0-9.el6_10.i686.rpm
    nss-pkcs11-devel-3.36.0-9.el6_10.i686.rpm

- Scientific Linux Development Team