[El-errata] ELSA-2015-1664 Moderate: Oracle Linux 5 nss security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Aug 24 13:53:19 PDT 2015


Oracle Linux Security Advisory ELSA-2015-1664

http://linux.oracle.com/errata/ELSA-2015-1664.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
nss-3.19.1-1.el5_11.i386.rpm
nss-devel-3.19.1-1.el5_11.i386.rpm
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm
nss-tools-3.19.1-1.el5_11.i386.rpm

x86_64:
nss-3.19.1-1.el5_11.i386.rpm
nss-3.19.1-1.el5_11.x86_64.rpm
nss-devel-3.19.1-1.el5_11.i386.rpm
nss-devel-3.19.1-1.el5_11.x86_64.rpm
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm
nss-pkcs11-devel-3.19.1-1.el5_11.x86_64.rpm
nss-tools-3.19.1-1.el5_11.x86_64.rpm

ia64:
nss-3.19.1-1.el5_11.i386.rpm
nss-3.19.1-1.el5_11.ia64.rpm
nss-devel-3.19.1-1.el5_11.ia64.rpm
nss-pkcs11-devel-3.19.1-1.el5_11.ia64.rpm
nss-tools-3.19.1-1.el5_11.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/nss-3.19.1-1.el5_11.src.rpm



Description of changes:

[3.19.1-1]
- Rebase nss to 3.19.1
- Pick up upstream fix for client auth. regression caused by 3.19.1
- Revert upstream change to minimum key sizes
- Remove patches that rendered obsolote by the rebase
- Update existing patches on account of the rebase

[3.18.0-7]
- Pick up upstream patch from nss-3.19.1
- Resolves: Bug 1236954 - CVE-2015-2730 NSS: ECDSA signature validation 
fails to handle some signatures correctly (MFSA 2015-64)
- Resolves: Bug 1236967 - CVE-2015-2721 NSS: incorrectly permited 
skipping of ServerKeyExchange (MFSA 2015-71)





More information about the El-errata mailing list