Skip to navigation

Security Advisory Critical: nspr and nss security, bug fix, and enhancement update

Advisory: RHSA-2009:1186-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-07-30
Last updated on: 2009-07-30
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux Long Life (v. 5.3 server)
CVEs (cve.mitre.org): CVE-2009-2404
CVE-2009-2408
CVE-2009-2409

Details

Updated nspr and nss packages that fix security issues, bugs, and add an
enhancement are now available for Red Hat Enterprise Linux 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The packages with this update are identical to the packages released by
RHBA-2009:1161 on the 20th of July 2009. They are being reissued as a Red
Hat Security Advisory as they fixed a number of security issues that were
made public today. If you are installing these packages for the first time,
they also provide a number of bug fixes and add an enhancement, as detailed
in RHBA-2009:1161. Since the packages are identical, there is no need to
install this update if RHBA-2009:1161 has already been installed.

Netscape Portable Runtime (NSPR) provides platform independence for non-GUI
operating system facilities. These facilities include threads, thread
synchronization, normal file and network I/O, interval timing, calendar
time, basic memory management (malloc and free), and shared library linking.

Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications. Applications built with NSS can support SSLv2, SSLv3, TLS,
and other security standards.

These updated packages upgrade NSS from the previous version, 3.12.2, to a
prerelease of version 3.12.4. The version of NSPR has also been upgraded
from 4.7.3 to 4.7.4.

Moxie Marlinspike reported a heap overflow flaw in a regular expression
parser in the NSS library used by browsers such as Mozilla Firefox to match
common names in certificates. A malicious website could present a
carefully-crafted certificate in such a way as to trigger the heap
overflow, leading to a crash or, possibly, arbitrary code execution with
the permissions of the user running the browser. (CVE-2009-2404)

Note: in order to exploit this issue without further user interaction in
Firefox, the carefully-crafted certificate would need to be signed by a
Certificate Authority trusted by Firefox, otherwise Firefox presents the
victim with a warning that the certificate is untrusted. Only if the user
then accepts the certificate will the overflow take place.

Dan Kaminsky discovered flaws in the way browsers such as Firefox handle
NULL characters in a certificate. If an attacker is able to get a
carefully-crafted certificate signed by a Certificate Authority trusted by
Firefox, the attacker could use the certificate during a man-in-the-middle
attack and potentially confuse Firefox into accepting it by mistake.
(CVE-2009-2408)

Dan Kaminsky found that browsers still accept certificates with MD2 hash
signatures, even though MD2 is no longer considered a cryptographically
strong algorithm. This could make it easier for an attacker to create a
malicious certificate that would be treated as trusted by a browser. NSS
now disables the use of MD2 and MD4 algorithms inside signatures by
default. (CVE-2009-2409)

All users of nspr and nss are advised to upgrade to these updated packages,
which resolve these issues and add an enhancement.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
nspr-4.7.4-1.el5_3.1.src.rpm
File outdated by:  RHSA-2013:1791
    MD5: 3266de8d6c57a6f622cc5268ea2d5906
nss-3.12.3.99.3-1.el5_3.2.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7134501be46638571c297422564f087c
 
IA-32:
nspr-devel-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 52b5d39d80417ee22f0f0998e50765f2
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7c87d832b089185d1790a34790d7068e
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 73c1637791f6e0e6bd21a64367352260
 
x86_64:
nspr-devel-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 52b5d39d80417ee22f0f0998e50765f2
nspr-devel-4.7.4-1.el5_3.1.x86_64.rpm
File outdated by:  RHSA-2013:1791
    MD5: d61e85808dfbd0928d73eadfd313aedd
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7c87d832b089185d1790a34790d7068e
nss-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: a4f032769f9541266de4521fb0786a97
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 73c1637791f6e0e6bd21a64367352260
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 67d56f7d2757846dbcbd5b053efce39c
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
nspr-4.7.4-1.el5_3.1.src.rpm
File outdated by:  RHSA-2013:1791
    MD5: 3266de8d6c57a6f622cc5268ea2d5906
nss-3.12.3.99.3-1.el5_3.2.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7134501be46638571c297422564f087c
 
IA-32:
nspr-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-devel-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 52b5d39d80417ee22f0f0998e50765f2
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: a2562831fbad1e62266525725bc811f3
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7c87d832b089185d1790a34790d7068e
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 73c1637791f6e0e6bd21a64367352260
nss-tools-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 98f0eb6e27d5a8a54818c39367e760d3
 
IA-64:
nspr-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-4.7.4-1.el5_3.1.ia64.rpm
File outdated by:  RHSA-2013:1791
    MD5: 90605e08dc08192e734516e87ab9440d
nspr-devel-4.7.4-1.el5_3.1.ia64.rpm
File outdated by:  RHSA-2013:1791
    MD5: aa31f5d7c22ba44f4fa2d343d047d64c
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: a2562831fbad1e62266525725bc811f3
nss-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 1393681c7ebd12fba7decd3e821a5a73
nss-devel-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 59deaddca260a26e9c44a6d2a11f4170
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7add8d69672bdfbbd2c52c4db2ba6480
nss-tools-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 6d6533515ea4d59150b4cad5c32f00a8
 
PPC:
nspr-4.7.4-1.el5_3.1.ppc.rpm
File outdated by:  RHSA-2013:1791
    MD5: 7b4a2c4a79e270efd259e2bf37a30f00
nspr-4.7.4-1.el5_3.1.ppc64.rpm
File outdated by:  RHSA-2013:1791
    MD5: 704f538e57bf1b66e62bd7374317b1d1
nspr-devel-4.7.4-1.el5_3.1.ppc.rpm
File outdated by:  RHSA-2013:1791
    MD5: 5acb4c13a965f97b576b175e22cd0512
nspr-devel-4.7.4-1.el5_3.1.ppc64.rpm
File outdated by:  RHSA-2013:1791
    MD5: 2d08f91bf99cabb315e80ea2b50070ab
nss-3.12.3.99.3-1.el5_3.2.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: 42af7b4cdceb7a4dcfa0c1fd669b6fc8
nss-3.12.3.99.3-1.el5_3.2.ppc64.rpm
File outdated by:  RHSA-2013:1861
    MD5: e1d6e3ed803f2922b9c0d7833cf9bcb8
nss-devel-3.12.3.99.3-1.el5_3.2.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: 867e9f05c6bdf71b210e963be0691b4e
nss-devel-3.12.3.99.3-1.el5_3.2.ppc64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 8325d79d1ce248dbbdac690f4ba2e4be
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: 10333216bc262d6093781da02027ad2c
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.ppc64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 29b07f55c84e1f098733b693a243e5f8
nss-tools-3.12.3.99.3-1.el5_3.2.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: 6002ab80897e44c2ea926b63e4dc8581
 
s390x:
nspr-4.7.4-1.el5_3.1.s390.rpm
File outdated by:  RHSA-2013:1791
    MD5: 064ecd6e8f25dde41524fa1e5f786c1f
nspr-4.7.4-1.el5_3.1.s390x.rpm
File outdated by:  RHSA-2013:1791
    MD5: e78aca69208b855df8993a3278a65fc9
nspr-devel-4.7.4-1.el5_3.1.s390.rpm
File outdated by:  RHSA-2013:1791
    MD5: e49f08f95aa6b44aed163c0f7a428d2e
nspr-devel-4.7.4-1.el5_3.1.s390x.rpm
File outdated by:  RHSA-2013:1791
    MD5: 0a2f7c19fe5784a8ff3fa411344a0f87
nss-3.12.3.99.3-1.el5_3.2.s390.rpm
File outdated by:  RHSA-2013:1861
    MD5: 8afea37ef4a52276a0bec481974461b6
nss-3.12.3.99.3-1.el5_3.2.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: 70380475c382fc2a2c4c40e7a1dc555d
nss-devel-3.12.3.99.3-1.el5_3.2.s390.rpm
File outdated by:  RHSA-2013:1861
    MD5: 2b8eebc74b63185bd757d2264ce5eaa6
nss-devel-3.12.3.99.3-1.el5_3.2.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: e4dcc9c2a29f75339f4fffe412dc40cf
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.s390.rpm
File outdated by:  RHSA-2013:1861
    MD5: b8712a7a713392fc6444d2e86e29d5b0
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: c4e6a2d740d7c2acceed7a58e80daeb8
nss-tools-3.12.3.99.3-1.el5_3.2.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: 2caae460a3e3499d452a0e4ef0079996
 
x86_64:
nspr-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-4.7.4-1.el5_3.1.x86_64.rpm
File outdated by:  RHSA-2013:1791
    MD5: 58b9d2c75c30dbbde72057d546d120db
nspr-devel-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 52b5d39d80417ee22f0f0998e50765f2
nspr-devel-4.7.4-1.el5_3.1.x86_64.rpm
File outdated by:  RHSA-2013:1791
    MD5: d61e85808dfbd0928d73eadfd313aedd
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: a2562831fbad1e62266525725bc811f3
nss-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 27c171bd0d115a2b250b2a8e401be838
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7c87d832b089185d1790a34790d7068e
nss-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: a4f032769f9541266de4521fb0786a97
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 73c1637791f6e0e6bd21a64367352260
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 67d56f7d2757846dbcbd5b053efce39c
nss-tools-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7a46363e9f5bc3b67a0ebc27e4d045fb
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
nspr-4.7.4-1.el5_3.1.src.rpm
File outdated by:  RHSA-2013:1791
    MD5: 3266de8d6c57a6f622cc5268ea2d5906
nss-3.12.3.99.3-1.el5_3.2.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7134501be46638571c297422564f087c
 
IA-32:
nspr-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 49e1819d41e4b1d7c649c6394bb12e51
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: a2562831fbad1e62266525725bc811f3
nss-tools-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 98f0eb6e27d5a8a54818c39367e760d3
 
x86_64:
nspr-4.7.4-1.el5_3.1.i386.rpm
File outdated by:  RHSA-2013:1791
    MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-4.7.4-1.el5_3.1.x86_64.rpm
File outdated by:  RHSA-2013:1791
    MD5: 58b9d2c75c30dbbde72057d546d120db
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: a2562831fbad1e62266525725bc811f3
nss-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 27c171bd0d115a2b250b2a8e401be838
nss-tools-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7a46363e9f5bc3b67a0ebc27e4d045fb
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)

SRPMS:
nspr-4.7.4-1.el5_3.1.src.rpm
File outdated by:  RHSA-2013:1791
    MD5: 3266de8d6c57a6f622cc5268ea2d5906
nss-3.12.3.99.3-1.el5_3.2.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7134501be46638571c297422564f087c
 
IA-32:
nspr-4.7.4-1.el5_3.1.i386.rpm     MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-devel-4.7.4-1.el5_3.1.i386.rpm     MD5: 52b5d39d80417ee22f0f0998e50765f2
nss-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: a2562831fbad1e62266525725bc811f3
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: 7c87d832b089185d1790a34790d7068e
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: 73c1637791f6e0e6bd21a64367352260
nss-tools-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: 98f0eb6e27d5a8a54818c39367e760d3
 
IA-64:
nspr-4.7.4-1.el5_3.1.i386.rpm     MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-4.7.4-1.el5_3.1.ia64.rpm     MD5: 90605e08dc08192e734516e87ab9440d
nspr-devel-4.7.4-1.el5_3.1.ia64.rpm     MD5: aa31f5d7c22ba44f4fa2d343d047d64c
nss-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: a2562831fbad1e62266525725bc811f3
nss-3.12.3.99.3-1.el5_3.2.ia64.rpm     MD5: 1393681c7ebd12fba7decd3e821a5a73
nss-devel-3.12.3.99.3-1.el5_3.2.ia64.rpm     MD5: 59deaddca260a26e9c44a6d2a11f4170
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.ia64.rpm     MD5: 7add8d69672bdfbbd2c52c4db2ba6480
nss-tools-3.12.3.99.3-1.el5_3.2.ia64.rpm     MD5: 6d6533515ea4d59150b4cad5c32f00a8
 
PPC:
nspr-4.7.4-1.el5_3.1.ppc.rpm     MD5: 7b4a2c4a79e270efd259e2bf37a30f00
nspr-4.7.4-1.el5_3.1.ppc64.rpm     MD5: 704f538e57bf1b66e62bd7374317b1d1
nspr-devel-4.7.4-1.el5_3.1.ppc.rpm     MD5: 5acb4c13a965f97b576b175e22cd0512
nspr-devel-4.7.4-1.el5_3.1.ppc64.rpm     MD5: 2d08f91bf99cabb315e80ea2b50070ab
nss-3.12.3.99.3-1.el5_3.2.ppc.rpm     MD5: 42af7b4cdceb7a4dcfa0c1fd669b6fc8
nss-3.12.3.99.3-1.el5_3.2.ppc64.rpm     MD5: e1d6e3ed803f2922b9c0d7833cf9bcb8
nss-devel-3.12.3.99.3-1.el5_3.2.ppc.rpm     MD5: 867e9f05c6bdf71b210e963be0691b4e
nss-devel-3.12.3.99.3-1.el5_3.2.ppc64.rpm     MD5: 8325d79d1ce248dbbdac690f4ba2e4be
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.ppc.rpm     MD5: 10333216bc262d6093781da02027ad2c
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.ppc64.rpm     MD5: 29b07f55c84e1f098733b693a243e5f8
nss-tools-3.12.3.99.3-1.el5_3.2.ppc.rpm     MD5: 6002ab80897e44c2ea926b63e4dc8581
 
s390x:
nspr-4.7.4-1.el5_3.1.s390.rpm     MD5: 064ecd6e8f25dde41524fa1e5f786c1f
nspr-4.7.4-1.el5_3.1.s390x.rpm     MD5: e78aca69208b855df8993a3278a65fc9
nspr-devel-4.7.4-1.el5_3.1.s390.rpm     MD5: e49f08f95aa6b44aed163c0f7a428d2e
nspr-devel-4.7.4-1.el5_3.1.s390x.rpm     MD5: 0a2f7c19fe5784a8ff3fa411344a0f87
nss-3.12.3.99.3-1.el5_3.2.s390.rpm     MD5: 8afea37ef4a52276a0bec481974461b6
nss-3.12.3.99.3-1.el5_3.2.s390x.rpm     MD5: 70380475c382fc2a2c4c40e7a1dc555d
nss-devel-3.12.3.99.3-1.el5_3.2.s390.rpm     MD5: 2b8eebc74b63185bd757d2264ce5eaa6
nss-devel-3.12.3.99.3-1.el5_3.2.s390x.rpm     MD5: e4dcc9c2a29f75339f4fffe412dc40cf
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.s390.rpm     MD5: b8712a7a713392fc6444d2e86e29d5b0
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.s390x.rpm     MD5: c4e6a2d740d7c2acceed7a58e80daeb8
nss-tools-3.12.3.99.3-1.el5_3.2.s390x.rpm     MD5: 2caae460a3e3499d452a0e4ef0079996
 
x86_64:
nspr-4.7.4-1.el5_3.1.i386.rpm     MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-4.7.4-1.el5_3.1.x86_64.rpm     MD5: 58b9d2c75c30dbbde72057d546d120db
nspr-devel-4.7.4-1.el5_3.1.i386.rpm     MD5: 52b5d39d80417ee22f0f0998e50765f2
nspr-devel-4.7.4-1.el5_3.1.x86_64.rpm     MD5: d61e85808dfbd0928d73eadfd313aedd
nss-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: a2562831fbad1e62266525725bc811f3
nss-3.12.3.99.3-1.el5_3.2.x86_64.rpm     MD5: 27c171bd0d115a2b250b2a8e401be838
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: 7c87d832b089185d1790a34790d7068e
nss-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm     MD5: a4f032769f9541266de4521fb0786a97
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm     MD5: 73c1637791f6e0e6bd21a64367352260
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm     MD5: 67d56f7d2757846dbcbd5b053efce39c
nss-tools-3.12.3.99.3-1.el5_3.2.x86_64.rpm     MD5: 7a46363e9f5bc3b67a0ebc27e4d045fb
 
Red Hat Enterprise Linux Long Life (v. 5.3 server)

SRPMS:
nspr-4.7.4-1.el5_3.1.src.rpm
File outdated by:  RHSA-2013:1791
    MD5: 3266de8d6c57a6f622cc5268ea2d5906
nss-3.12.3.99.3-1.el5_3.2.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7134501be46638571c297422564f087c
 
IA-32:
nspr-4.7.4-1.el5_3.1.i386.rpm     MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-devel-4.7.4-1.el5_3.1.i386.rpm     MD5: 52b5d39d80417ee22f0f0998e50765f2
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: a2562831fbad1e62266525725bc811f3
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: 7c87d832b089185d1790a34790d7068e
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: 73c1637791f6e0e6bd21a64367352260
nss-tools-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: 98f0eb6e27d5a8a54818c39367e760d3
 
IA-64:
nspr-4.7.4-1.el5_3.1.i386.rpm     MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-4.7.4-1.el5_3.1.ia64.rpm     MD5: 90605e08dc08192e734516e87ab9440d
nspr-devel-4.7.4-1.el5_3.1.ia64.rpm     MD5: aa31f5d7c22ba44f4fa2d343d047d64c
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: a2562831fbad1e62266525725bc811f3
nss-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1841
    MD5: 1393681c7ebd12fba7decd3e821a5a73
nss-devel-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1841
    MD5: 59deaddca260a26e9c44a6d2a11f4170
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1841
    MD5: 7add8d69672bdfbbd2c52c4db2ba6480
nss-tools-3.12.3.99.3-1.el5_3.2.ia64.rpm
File outdated by:  RHSA-2013:1841
    MD5: 6d6533515ea4d59150b4cad5c32f00a8
 
x86_64:
nspr-4.7.4-1.el5_3.1.i386.rpm     MD5: 49e1819d41e4b1d7c649c6394bb12e51
nspr-4.7.4-1.el5_3.1.x86_64.rpm     MD5: 58b9d2c75c30dbbde72057d546d120db
nspr-devel-4.7.4-1.el5_3.1.i386.rpm     MD5: 52b5d39d80417ee22f0f0998e50765f2
nspr-devel-4.7.4-1.el5_3.1.x86_64.rpm     MD5: d61e85808dfbd0928d73eadfd313aedd
nss-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: a2562831fbad1e62266525725bc811f3
nss-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1841
    MD5: 27c171bd0d115a2b250b2a8e401be838
nss-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: 7c87d832b089185d1790a34790d7068e
nss-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1841
    MD5: a4f032769f9541266de4521fb0786a97
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.i386.rpm
File outdated by:  RHSA-2013:1841
    MD5: 73c1637791f6e0e6bd21a64367352260
nss-pkcs11-devel-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1841
    MD5: 67d56f7d2757846dbcbd5b053efce39c
nss-tools-3.12.3.99.3-1.el5_3.2.x86_64.rpm
File outdated by:  RHSA-2013:1841
    MD5: 7a46363e9f5bc3b67a0ebc27e4d045fb
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

510197 - CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)
510251 - CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly
512912 - CVE-2009-2404 nss regexp heap overflow


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/