Synopsis: Important: nss and nspr security, bug fix, and enhancement update
Issue Date: 2013-01-31
CVE Numbers: CVE-2013-0743
—
It was found that a Certificate Authority (CA) mis-issued two intermediate
certificates to customers. These certificates could be used to launch man-in-
the-middle attacks. This update renders those certificates as untrusted. This
covers all uses of the certificates, including SSL, S/MIME, and code signing.
In addition, the nss package has been upgraded to upstream version 3.13.6, and
the nspr package has been upgraded to upstream version 4.9.2. These updates
provide a number of bug fixes and enhancements over the previous versions.
After installing the update, applications using NSS and NSPR must be restarted
for the changes to take effect.
—
SL5
x86_64
nspr-4.9.2-2.el5_9.i386.rpm
nspr-4.9.2-2.el5_9.x86_64.rpm
nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
nspr-debuginfo-4.9.2-2.el5_9.x86_64.rpm
nss-3.13.6-3.el5_9.i386.rpm
nss-3.13.6-3.el5_9.x86_64.rpm
nss-debuginfo-3.13.6-3.el5_9.i386.rpm
nss-debuginfo-3.13.6-3.el5_9.x86_64.rpm
nss-tools-3.13.6-3.el5_9.x86_64.rpm
nspr-devel-4.9.2-2.el5_9.i386.rpm
nspr-devel-4.9.2-2.el5_9.x86_64.rpm
nss-devel-3.13.6-3.el5_9.i386.rpm
nss-devel-3.13.6-3.el5_9.x86_64.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.x86_64.rpm
i386
nspr-4.9.2-2.el5_9.i386.rpm
nspr-debuginfo-4.9.2-2.el5_9.i386.rpm
nss-3.13.6-3.el5_9.i386.rpm
nss-debuginfo-3.13.6-3.el5_9.i386.rpm
nss-tools-3.13.6-3.el5_9.i386.rpm
nspr-devel-4.9.2-2.el5_9.i386.rpm
nss-devel-3.13.6-3.el5_9.i386.rpm
nss-pkcs11-devel-3.13.6-3.el5_9.i386.rpm
– Scientific Linux Development Team
