[El-errata] ELSA-2015-1980 Critical: Oracle Linux 5 nss and nspr security update

Wed Nov 4 14:55:23 PST 2015

Oracle Linux Security Advisory ELSA-2015-1980

http://linux.oracle.com/errata/ELSA-2015-1980.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
nspr-4.10.8-2.el5_11.i386.rpm
nspr-devel-4.10.8-2.el5_11.i386.rpm
nss-3.19.1-2.el5_11.i386.rpm
nss-devel-3.19.1-2.el5_11.i386.rpm
nss-pkcs11-devel-3.19.1-2.el5_11.i386.rpm
nss-tools-3.19.1-2.el5_11.i386.rpm

x86_64:
nspr-4.10.8-2.el5_11.i386.rpm
nspr-4.10.8-2.el5_11.x86_64.rpm
nspr-devel-4.10.8-2.el5_11.i386.rpm
nspr-devel-4.10.8-2.el5_11.x86_64.rpm
nss-3.19.1-2.el5_11.i386.rpm
nss-3.19.1-2.el5_11.x86_64.rpm
nss-devel-3.19.1-2.el5_11.i386.rpm
nss-devel-3.19.1-2.el5_11.x86_64.rpm
nss-pkcs11-devel-3.19.1-2.el5_11.i386.rpm
nss-pkcs11-devel-3.19.1-2.el5_11.x86_64.rpm
nss-tools-3.19.1-2.el5_11.x86_64.rpm

ia64:
nspr-4.10.8-2.el5_11.i386.rpm
nspr-4.10.8-2.el5_11.ia64.rpm
nspr-devel-4.10.8-2.el5_11.ia64.rpm
nss-3.19.1-2.el5_11.i386.rpm
nss-3.19.1-2.el5_11.ia64.rpm
nss-devel-3.19.1-2.el5_11.ia64.rpm
nss-pkcs11-devel-3.19.1-2.el5_11.ia64.rpm
nss-tools-3.19.1-2.el5_11.ia64.rpm

SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/nspr-4.10.8-2.el5_11.src.rpm
http://oss.oracle.com/ol5/SRPMS-updates/nss-3.19.1-2.el5_11.src.rpm

Description of changes:

nspr
[4.10.8-2]
- Resolves: Bug 1269359 - CVE-2015-7183
- nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead to crash 
(under ASAN), potential memory corruption [rhel-5.11.z]

nss
[3.19.1-2]
- Resolves: Bug 1269354 - CVE-2015-7182 CVE-2015-7181