Auditorías de Seguridad de Red / Evaluación de vulnerabilidades de SecuritySpace

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-979
2006-09-14
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : nss
Version     : 3.11.3
Release     : 0.5.fc5
Summary     : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

---------------------------------------------------------------------
Update Information:

Network Security Services (NSS) is a set of libraries
designed to support cross-platform development of
security-enabled client and server applications.
Applications built with NSS can support SSL v2 and v3, TLS,
PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3
certificates, and other security standards.

Daniel Bleichenbacher recently described an implementation
error in RSA signature verification. For RSA keys with
exponent 3 it is possible for an attacker to forge a
signature that which would be incorrectly verified by the
NSS library. (CVE-2006-4340)

All users of NSS, which includes users of Firefox,
Thunderbird, Seamonkey, and other mozilla.org products, are
recommended to update to this package, which contains NSS
version 3.11.3 which is not vulnerable to this issue.
---------------------------------------------------------------------
* Thu Sep 14 2006 Kai Engert <kengert@redhat.com> - 3.11.3-0.5.fc5
- Enable executable bit on shared libs, also fixes debug info.
- Update to 3.11.3
* Mon Jun 19 2006 Kai Engert <kengert@redhat.com> - 3.11.1-1.fc5
- Update to 3.11.1
- Include upstream patch to limit curves

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

dfa969d4ca69932a0a9a5a80fa2c9b391ba85a93  SRPMS/nss-3.11.3-0.5.fc5.src.rpm
dfa969d4ca69932a0a9a5a80fa2c9b391ba85a93  noarch/nss-3.11.3-0.5.fc5.src.rpm
8c27791d8a2b3504417ab408bbc0a72396afb056  ppc/nss-pkcs11-devel-3.11.3-0.5.fc5.ppc.rpm
0adf3bc8153e7020ae03e6c9f676286d171ab254  ppc/nss-3.11.3-0.5.fc5.ppc.rpm
9a485006ca03d2165519cd82574008bc7560b9b9  ppc/nss-tools-3.11.3-0.5.fc5.ppc.rpm
7f73fdeb17fdb4db5a025c2e1e9ca937a1713fc1  ppc/nss-devel-3.11.3-0.5.fc5.ppc.rpm
613ac4d2af01dea820f94dfc66ea5b45fd2e63b2  ppc/debug/nss-debuginfo-3.11.3-0.5.fc5.ppc.rpm
ae776dc26bef9c9d5ce1f99e914e958c2458e2dd  x86_64/nss-pkcs11-devel-3.11.3-0.5.fc5.x86_64.rpm
b0ad2df1403e757208cb5f611cd83eea324a95ea  x86_64/nss-3.11.3-0.5.fc5.x86_64.rpm
53033aad717f98cb18c74a3d36f8c5916f1131dd  x86_64/debug/nss-debuginfo-3.11.3-0.5.fc5.x86_64.rpm
eef4cbbe2eaa2d40380432b95afb5a80bdb75d7d  x86_64/nss-devel-3.11.3-0.5.fc5.x86_64.rpm
14dfac79f5d6fc42aff117eef013a5f5845bf812  x86_64/nss-tools-3.11.3-0.5.fc5.x86_64.rpm
04962c526e4bd667efb2677f3ae45ff0bed4ff9f  i386/nss-devel-3.11.3-0.5.fc5.i386.rpm
8cbfb34b975c0394a9af8a01ae7f2db23787f898  i386/nss-pkcs11-devel-3.11.3-0.5.fc5.i386.rpm
43cdc507018f01d0e515ff6025a618afa81d0bf3  i386/debug/nss-debuginfo-3.11.3-0.5.fc5.i386.rpm
2a33f978234e4686593c7c8bdd6198fd22c137b2  i386/nss-3.11.3-0.5.fc5.i386.rpm
8f78dcd022d6c350dc646a136e6968750f2c6d97  i386/nss-tools-3.11.3-0.5.fc5.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------