[El-errata] ELSA-2015-1981 Critical: Oracle Linux 7 nss, nss-util, and nspr security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Nov 4 14:54:01 PST 2015
Oracle Linux Security Advisory ELSA-2015-1981
http://linux.oracle.com/errata/ELSA-2015-1981.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
nspr-4.10.8-2.el7_1.i686.rpm
nspr-4.10.8-2.el7_1.x86_64.rpm
nspr-devel-4.10.8-2.el7_1.i686.rpm
nspr-devel-4.10.8-2.el7_1.x86_64.rpm
nss-3.19.1-7.0.1.el7_1.2.i686.rpm
nss-3.19.1-7.0.1.el7_1.2.x86_64.rpm
nss-devel-3.19.1-7.0.1.el7_1.2.i686.rpm
nss-devel-3.19.1-7.0.1.el7_1.2.x86_64.rpm
nss-pkcs11-devel-3.19.1-7.0.1.el7_1.2.i686.rpm
nss-pkcs11-devel-3.19.1-7.0.1.el7_1.2.x86_64.rpm
nss-sysinit-3.19.1-7.0.1.el7_1.2.x86_64.rpm
nss-tools-3.19.1-7.0.1.el7_1.2.x86_64.rpm
nss-util-3.19.1-4.el7_1.i686.rpm
nss-util-3.19.1-4.el7_1.x86_64.rpm
nss-util-devel-3.19.1-4.el7_1.i686.rpm
nss-util-devel-3.19.1-4.el7_1.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/nspr-4.10.8-2.el7_1.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/nss-3.19.1-7.0.1.el7_1.2.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/nss-util-3.19.1-4.el7_1.src.rpm
Description of changes:
nspr
[4.10.8-2]
- Resolves: Bug 1269362 - CVE-2015-7183
- nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead to crash
(under ASAN), potential memory corruption
nss
[3.19.1-7.0.1]
- Added nss-vendor.patch to change vendor
[3.19.1-7.el7_2]
- Rebuild against updated NSPR
[3.19.1-7.el7_1.1]
- Rebuild against updated NSPR
[3.19.1-6]
- experimental build
nss-util
[3.19.1-4]
- Resolves: Bug 1269357 - CVE-2015-7182 CVE-2015-7181
More information about the El-errata
mailing list