OVAL Reference oval:com.redhat.rhsa:def:20141307

Oval Definition:

oval:com.redhat.rhsa:def:20141307

Revision Date:	2014-09-26	Version:	636
Title:	RHSA-2014:1307: nss security update (Important)
Description:	Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Antoine Delignat-Lavaud and Intel Product Security Incident Response Team as the original reporters. All NSS users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, applications using NSS must be restarted for this update to take effect.
Family:	unix	Class:	patch
Status:		Reference(s):	CVE-2014-1568 CVE-2014-1568 RHSA-2014:1307 RHSA-2014:1307-00 RHSA-2014:1307-01
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7	Product(s):
Definition Synopsis
Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 6 is installed AND nss-util is earlier than 0:3.16.1-2.el6_5 AND nss-util is signed with Red Hat redhatrelease2 key nss-util-devel is earlier than 0:3.16.1-2.el6_5 AND nss-util-devel is signed with Red Hat redhatrelease2 key nss is earlier than 0:3.16.1-7.el6_5 AND nss is signed with Red Hat redhatrelease2 key nss-devel is earlier than 0:3.16.1-7.el6_5 AND nss-devel is signed with Red Hat redhatrelease2 key nss-pkcs11-devel is earlier than 0:3.16.1-7.el6_5 AND nss-pkcs11-devel is signed with Red Hat redhatrelease2 key nss-sysinit is earlier than 0:3.16.1-7.el6_5 AND nss-sysinit is signed with Red Hat redhatrelease2 key nss-tools is earlier than 0:3.16.1-7.el6_5 AND nss-tools is signed with Red Hat redhatrelease2 key nss-softokn is earlier than 0:3.14.3-12.el6_5 AND nss-softokn is signed with Red Hat redhatrelease2 key nss-softokn-devel is earlier than 0:3.14.3-12.el6_5 AND nss-softokn-devel is signed with Red Hat redhatrelease2 key nss-softokn-freebl is earlier than 0:3.14.3-12.el6_5 AND nss-softokn-freebl is signed with Red Hat redhatrelease2 key nss-softokn-freebl-devel is earlier than 0:3.14.3-12.el6_5 AND nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key OR Package Information Red Hat Enterprise Linux 5 is installed AND nss is earlier than 0:3.16.1-4.el5_11 AND nss is signed with Red Hat redhatrelease2 key nss-devel is earlier than 0:3.16.1-4.el5_11 AND nss-devel is signed with Red Hat redhatrelease2 key nss-pkcs11-devel is earlier than 0:3.16.1-4.el5_11 AND nss-pkcs11-devel is signed with Red Hat redhatrelease2 key nss-tools is earlier than 0:3.16.1-4.el5_11 AND nss-tools is signed with Red Hat redhatrelease2 key OR Package Information Red Hat Enterprise Linux 7 is installed AND nss-softokn is earlier than 0:3.16.2-2.el7_0 AND nss-softokn is signed with Red Hat redhatrelease2 key nss-softokn-devel is earlier than 0:3.16.2-2.el7_0 AND nss-softokn-devel is signed with Red Hat redhatrelease2 key nss-softokn-freebl is earlier than 0:3.16.2-2.el7_0 AND nss-softokn-freebl is signed with Red Hat redhatrelease2 key nss-softokn-freebl-devel is earlier than 0:3.16.2-2.el7_0 AND nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key nss-util is earlier than 0:3.16.2-2.el7_0 AND nss-util is signed with Red Hat redhatrelease2 key nss-util-devel is earlier than 0:3.16.2-2.el7_0 AND nss-util-devel is signed with Red Hat redhatrelease2 key nss is earlier than 0:3.16.2-7.el7_0 AND nss is signed with Red Hat redhatrelease2 key nss-devel is earlier than 0:3.16.2-7.el7_0 AND nss-devel is signed with Red Hat redhatrelease2 key nss-pkcs11-devel is earlier than 0:3.16.2-7.el7_0 AND nss-pkcs11-devel is signed with Red Hat redhatrelease2 key nss-sysinit is earlier than 0:3.16.2-7.el7_0 AND nss-sysinit is signed with Red Hat redhatrelease2 key nss-tools is earlier than 0:3.16.2-7.el7_0 AND nss-tools is signed with Red Hat redhatrelease2 key
Definition Synopsis
Release Information Red Hat Enterprise Linux 6 Client is installed OR Red Hat Enterprise Linux 6 Server is installed OR Red Hat Enterprise Linux 6 Workstation is installed OR Red Hat Enterprise Linux 6 ComputeNode is installed AND nss-util is earlier than 0:3.16.1-2.el6_5 AND nss-util is signed with Red Hat redhatrelease2 key nss-util-devel is earlier than 0:3.16.1-2.el6_5 AND nss-util-devel is signed with Red Hat redhatrelease2 key nss is earlier than 0:3.16.1-7.el6_5 AND nss is signed with Red Hat redhatrelease2 key nss-devel is earlier than 0:3.16.1-7.el6_5 AND nss-devel is signed with Red Hat redhatrelease2 key nss-pkcs11-devel is earlier than 0:3.16.1-7.el6_5 AND nss-pkcs11-devel is signed with Red Hat redhatrelease2 key nss-sysinit is earlier than 0:3.16.1-7.el6_5 AND nss-sysinit is signed with Red Hat redhatrelease2 key nss-tools is earlier than 0:3.16.1-7.el6_5 AND nss-tools is signed with Red Hat redhatrelease2 key nss-softokn is earlier than 0:3.14.3-12.el6_5 AND nss-softokn is signed with Red Hat redhatrelease2 key nss-softokn-devel is earlier than 0:3.14.3-12.el6_5 AND nss-softokn-devel is signed with Red Hat redhatrelease2 key nss-softokn-freebl is earlier than 0:3.14.3-12.el6_5 AND nss-softokn-freebl is signed with Red Hat redhatrelease2 key nss-softokn-freebl-devel is earlier than 0:3.14.3-12.el6_5 AND nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key OR Package Information Red Hat Enterprise Linux 5 is installed AND nss is earlier than 0:3.16.1-4.el5_11 AND nss is signed with Red Hat redhatrelease key nss-devel is earlier than 0:3.16.1-4.el5_11 AND nss-devel is signed with Red Hat redhatrelease key nss-pkcs11-devel is earlier than 0:3.16.1-4.el5_11 AND nss-pkcs11-devel is signed with Red Hat redhatrelease key nss-tools is earlier than 0:3.16.1-4.el5_11 AND nss-tools is signed with Red Hat redhatrelease key OR Package Information Red Hat Enterprise Linux 7 Client is installed OR Red Hat Enterprise Linux 7 Server is installed OR Red Hat Enterprise Linux 7 Workstation is installed OR Red Hat Enterprise Linux 7 ComputeNode is installed AND nss-softokn is earlier than 0:3.16.2-2.el7_0 AND nss-softokn is signed with Red Hat redhatrelease2 key nss-softokn-devel is earlier than 0:3.16.2-2.el7_0 AND nss-softokn-devel is signed with Red Hat redhatrelease2 key nss-softokn-freebl is earlier than 0:3.16.2-2.el7_0 AND nss-softokn-freebl is signed with Red Hat redhatrelease2 key nss-softokn-freebl-devel is earlier than 0:3.16.2-2.el7_0 AND nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key nss-util is earlier than 0:3.16.2-2.el7_0 AND nss-util is signed with Red Hat redhatrelease2 key nss-util-devel is earlier than 0:3.16.2-2.el7_0 AND nss-util-devel is signed with Red Hat redhatrelease2 key nss is earlier than 0:3.16.2-7.el7_0 AND nss is signed with Red Hat redhatrelease2 key nss-devel is earlier than 0:3.16.2-7.el7_0 AND nss-devel is signed with Red Hat redhatrelease2 key nss-pkcs11-devel is earlier than 0:3.16.2-7.el7_0 AND nss-pkcs11-devel is signed with Red Hat redhatrelease2 key nss-sysinit is earlier than 0:3.16.2-7.el7_0 AND nss-sysinit is signed with Red Hat redhatrelease2 key nss-tools is earlier than 0:3.16.2-7.el7_0 AND nss-tools is signed with Red Hat redhatrelease2 key

BACK