Synopsis: Important: nss security update
Advisory ID: SLSA-2017:2832-1
Issue Date: 2017-09-29
CVE Numbers: CVE-2017-7805
—
Security Fix(es):
* A use-after-free flaw was found in the TLS 1.2 implementation in the NSS
library when client authentication was used. A malicious client could use
this flaw to cause an application compiled against NSS to crash or,
potentially, execute arbitrary code with the permission of the user
running the application. (CVE-2017-7805)
—
SL6
x86_64
nss-3.28.4-4.el6_9.i686.rpm
nss-3.28.4-4.el6_9.x86_64.rpm
nss-debuginfo-3.28.4-4.el6_9.i686.rpm
nss-debuginfo-3.28.4-4.el6_9.x86_64.rpm
nss-sysinit-3.28.4-4.el6_9.x86_64.rpm
nss-tools-3.28.4-4.el6_9.x86_64.rpm
nss-devel-3.28.4-4.el6_9.i686.rpm
nss-devel-3.28.4-4.el6_9.x86_64.rpm
nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-4.el6_9.x86_64.rpm
i386
nss-3.28.4-4.el6_9.i686.rpm
nss-debuginfo-3.28.4-4.el6_9.i686.rpm
nss-sysinit-3.28.4-4.el6_9.i686.rpm
nss-tools-3.28.4-4.el6_9.i686.rpm
nss-devel-3.28.4-4.el6_9.i686.rpm
nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm
SL7
x86_64
nss-3.28.4-12.el7_4.i686.rpm
nss-3.28.4-12.el7_4.x86_64.rpm
nss-debuginfo-3.28.4-12.el7_4.i686.rpm
nss-debuginfo-3.28.4-12.el7_4.x86_64.rpm
nss-sysinit-3.28.4-12.el7_4.x86_64.rpm
nss-tools-3.28.4-12.el7_4.x86_64.rpm
nss-devel-3.28.4-12.el7_4.i686.rpm
nss-devel-3.28.4-12.el7_4.x86_64.rpm
nss-pkcs11-devel-3.28.4-12.el7_4.i686.rpm
nss-pkcs11-devel-3.28.4-12.el7_4.x86_64.rpm
– Scientific Linux Development Team
