[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2012:1091-01 -- Redhat nss, nspr, and nss-util

ID: oval:org.secpod.oval:def:500847Date: (C)2012-08-25   (M)2023-11-19
Class: PATCHFamily: unix




Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response. The nspr package has been upgraded to upstream version 4.9.1, which provides a number of bug fixes and enhancements over the previous version. The nss-util package has been upgraded to upstream version 3.13.5, which provides a number of bug fixes and enhancements over the previous version. The nss package has been upgraded to upstream version 3.13.5, which provides a number of bug fixes and enhancements over the previous version. All NSS, NSPR, and nss-util users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.

Platform:
Red Hat Enterprise Linux 6
Product:
nss
nspr
nss-util
Reference:
RHSA-2012:1091-01
CVE-2012-0441
CVE    1
CVE-2012-0441
CPE    4
cpe:/a:nss:network_security_services
cpe:/o:redhat:enterprise_linux:6
cpe:/a:nss:nss-util
cpe:/a:mozilla:netscape_portable_runtime
...

© SecPod Technologies