RHSA-2012:1091-01 -- Redhat nss, nspr, and nss-utilID: oval:org.secpod.oval:def:500847 | Date: (C)2012-08-25 (M)2024-05-22 |
Class: PATCH | Family: unix |
Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way the ASN.1 decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP response. The nspr package has been upgraded to upstream version 4.9.1, which provides a number of bug fixes and enhancements over the previous version. The nss-util package has been upgraded to upstream version 3.13.5, which provides a number of bug fixes and enhancements over the previous version. The nss package has been upgraded to upstream version 3.13.5, which provides a number of bug fixes and enhancements over the previous version. All NSS, NSPR, and nss-util users are advised to upgrade to these updated packages, which correct these issues and add these enhancements. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.
Platform: |
Red Hat Enterprise Linux 6 |