Skip to navigation

Security Advisory Critical: nspr and nss security and bug fix update

Advisory: RHSA-2009:1184-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-07-30
Last updated on: 2009-07-30
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-2404
CVE-2009-2408
CVE-2009-2409

Details

Updated nspr and nss packages that fix security issues and a bug are now
available for Red Hat Enterprise Linux 4.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Netscape Portable Runtime (NSPR) provides platform independence for non-GUI
operating system facilities. These facilities include threads, thread
synchronization, normal file and network I/O, interval timing, calendar
time, basic memory management (malloc and free), and shared library linking.

Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications. Applications built with NSS can support SSLv2, SSLv3, TLS,
and other security standards.

These updated packages upgrade NSS from the previous version, 3.12.2, to a
prerelease of version 3.12.4. The version of NSPR has also been upgraded
from 4.7.3 to 4.7.4.

Moxie Marlinspike reported a heap overflow flaw in a regular expression
parser in the NSS library used by browsers such as Mozilla Firefox to match
common names in certificates. A malicious website could present a
carefully-crafted certificate in such a way as to trigger the heap
overflow, leading to a crash or, possibly, arbitrary code execution with
the permissions of the user running the browser. (CVE-2009-2404)

Note: in order to exploit this issue without further user interaction in
Firefox, the carefully-crafted certificate would need to be signed by a
Certificate Authority trusted by Firefox, otherwise Firefox presents the
victim with a warning that the certificate is untrusted. Only if the user
then accepts the certificate will the overflow take place.

Dan Kaminsky discovered flaws in the way browsers such as Firefox handle
NULL characters in a certificate. If an attacker is able to get a
carefully-crafted certificate signed by a Certificate Authority trusted by
Firefox, the attacker could use the certificate during a man-in-the-middle
attack and potentially confuse Firefox into accepting it by mistake.
(CVE-2009-2408)

Dan Kaminsky found that browsers still accept certificates with MD2 hash
signatures, even though MD2 is no longer considered a cryptographically
strong algorithm. This could make it easier for an attacker to create a
malicious certificate that would be treated as trusted by a browser. NSS
now disables the use of MD2 and MD4 algorithms inside signatures by
default. (CVE-2009-2409)

These version upgrades also provide a fix for the following bug:

* SSL client authentication failed against an Apache server when it was
using the mod_nss module and configured for NSSOCSP. On the client side,
the user agent received an error message that referenced "Error Code:
-12271" and stated that establishing an encrypted connection had failed
because the certificate had been rejected by the host.

On the server side, the nss_error_log under /var/log/httpd/ contained the
following message:

[error] Re-negotiation handshake failed: Not accepted by client!?

Also, /var/log/httpd/error_log contained this error:

SSL Library Error: -8071 The OCSP server experienced an internal error

With these updated packages, the dependency problem which caused this
failure has been resolved so that SSL client authentication with an
Apache web server using mod_nss which is configured for NSSOCSP succeeds
as expected. Note that if the presented client certificate is expired,
then access is denied, the user agent is presented with an error message
about the invalid certificate, and the OCSP queries are seen in the OCSP
responder. Also, similar OCSP status verification happens for SSL server
certificates used in Apache upon instance start or restart. (BZ#508027)

All users of nspr and nss are advised to upgrade to these updated packages,
which resolve these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
nspr-4.7.4-1.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1282
    MD5: 2bce31cad7ae6353cb7ae6fbf6275551
nss-3.12.3.99.3-1.el4_8.2.src.rpm
File outdated by:  RHSA-2011:1444
    MD5: 179f37478ee864d74e43e41da15706e5
 
IA-32:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-devel-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 7e8dd1e3eaa3c4f702b6ba7b850e5e5d
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-devel-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2053efa039d0d847e32afeb246a4c0ca
nss-tools-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2653669d30709d188089e247567ba9f7
 
x86_64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: d936f75e749dd41375d993288e7842b3
nspr-devel-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: a69b53bbba24b9aaa658576f1a959417
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 1f45595ac3a380a59a9d3d184f095f2d
nss-devel-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 62a9345f727289f8bdcfa11e13cbb779
nss-tools-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: c45f85ef7f83fd7240987c2e68c818f8
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
nspr-4.7.4-1.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1282
    MD5: 2bce31cad7ae6353cb7ae6fbf6275551
nss-3.12.3.99.3-1.el4_8.2.src.rpm
File outdated by:  RHSA-2011:1444
    MD5: 179f37478ee864d74e43e41da15706e5
 
IA-32:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-devel-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 7e8dd1e3eaa3c4f702b6ba7b850e5e5d
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-devel-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2053efa039d0d847e32afeb246a4c0ca
nss-tools-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2653669d30709d188089e247567ba9f7
 
IA-64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1282
    MD5: 3c549da88cc3d7198975e5d0b9eee3aa
nspr-devel-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1282
    MD5: 7f4716759a974afb805a8438c866c6b8
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: d4350804a0c6c43de36e983efd0a5550
nss-devel-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 019c6a5aa5301760f5deee02b66c8259
nss-tools-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 13f00fa2bced1a09754053ce2d41ec63
 
PPC:
nspr-4.7.4-1.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:1282
    MD5: 9685f267964c17580947af4e91fd9bf7
nspr-4.7.4-1.el4_8.1.ppc64.rpm
File outdated by:  RHSA-2011:1282
    MD5: a91d9c766faf20f6edd3953d76c91608
nspr-devel-4.7.4-1.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:1282
    MD5: 84d0374c71de9b8c06ebe22a08fb7743
nss-3.12.3.99.3-1.el4_8.2.ppc.rpm
File outdated by:  RHSA-2011:1444
    MD5: aa6c8a1f6c5f60ed4a5222ce56b41794
nss-3.12.3.99.3-1.el4_8.2.ppc64.rpm
File outdated by:  RHSA-2011:1444
    MD5: e57fda9a644ce8d135f406bf1f4f4012
nss-devel-3.12.3.99.3-1.el4_8.2.ppc.rpm
File outdated by:  RHSA-2011:1444
    MD5: 15147e25bf1980a99805acf9de9419cf
nss-tools-3.12.3.99.3-1.el4_8.2.ppc.rpm
File outdated by:  RHSA-2011:1444
    MD5: accf631b309bd1213181b73fa19a2df8
 
s390:
nspr-4.7.4-1.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1282
    MD5: 0f22d8a098a59753a37b519e3d9ff6d0
nspr-devel-4.7.4-1.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1282
    MD5: e801a5676b5972dd463e4eec145f6844
nss-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:1444
    MD5: afa67fe8579daae482e2d9536393f230
nss-devel-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:1444
    MD5: bc3c754673884b8e2ea46ba5ca57031f
nss-tools-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:1444
    MD5: cb5aef2ed9db394c77acb4bd9da7812c
 
s390x:
nspr-4.7.4-1.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1282
    MD5: 0f22d8a098a59753a37b519e3d9ff6d0
nspr-4.7.4-1.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:1282
    MD5: ba1de41cb73038653d94e0816553fb7d
nspr-devel-4.7.4-1.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:1282
    MD5: f258e124df630b41de320b041268b958
nss-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:1444
    MD5: afa67fe8579daae482e2d9536393f230
nss-3.12.3.99.3-1.el4_8.2.s390x.rpm
File outdated by:  RHSA-2011:1444
    MD5: d77bdd678ff45b4e31c91f04dccecca1
nss-devel-3.12.3.99.3-1.el4_8.2.s390x.rpm
File outdated by:  RHSA-2011:1444
    MD5: d938adb3cfa652239cddfdcf7c9c3ca7
nss-tools-3.12.3.99.3-1.el4_8.2.s390x.rpm
File outdated by:  RHSA-2011:1444
    MD5: 6e23c2eefdc08a0b3cea01f5a38d3327
 
x86_64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: d936f75e749dd41375d993288e7842b3
nspr-devel-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: a69b53bbba24b9aaa658576f1a959417
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 1f45595ac3a380a59a9d3d184f095f2d
nss-devel-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 62a9345f727289f8bdcfa11e13cbb779
nss-tools-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: c45f85ef7f83fd7240987c2e68c818f8
 
Red Hat Enterprise Linux AS (v. 4.8.z)

SRPMS:
nspr-4.7.4-1.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1282
    MD5: 2bce31cad7ae6353cb7ae6fbf6275551
nss-3.12.3.99.3-1.el4_8.2.src.rpm
File outdated by:  RHSA-2011:1444
    MD5: 179f37478ee864d74e43e41da15706e5
 
IA-32:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-devel-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 7e8dd1e3eaa3c4f702b6ba7b850e5e5d
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: e6325e1803751087cc5f35b03353a05b
nss-devel-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: 2053efa039d0d847e32afeb246a4c0ca
nss-tools-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: 2653669d30709d188089e247567ba9f7
 
IA-64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2010:0681
    MD5: 3c549da88cc3d7198975e5d0b9eee3aa
nspr-devel-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2010:0681
    MD5: 7f4716759a974afb805a8438c866c6b8
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:0472
    MD5: d4350804a0c6c43de36e983efd0a5550
nss-devel-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 019c6a5aa5301760f5deee02b66c8259
nss-tools-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 13f00fa2bced1a09754053ce2d41ec63
 
PPC:
nspr-4.7.4-1.el4_8.1.ppc.rpm
File outdated by:  RHSA-2010:0681
    MD5: 9685f267964c17580947af4e91fd9bf7
nspr-4.7.4-1.el4_8.1.ppc64.rpm
File outdated by:  RHSA-2010:0681
    MD5: a91d9c766faf20f6edd3953d76c91608
nspr-devel-4.7.4-1.el4_8.1.ppc.rpm
File outdated by:  RHSA-2010:0681
    MD5: 84d0374c71de9b8c06ebe22a08fb7743
nss-3.12.3.99.3-1.el4_8.2.ppc.rpm
File outdated by:  RHSA-2011:0472
    MD5: aa6c8a1f6c5f60ed4a5222ce56b41794
nss-3.12.3.99.3-1.el4_8.2.ppc64.rpm
File outdated by:  RHSA-2011:0472
    MD5: e57fda9a644ce8d135f406bf1f4f4012
nss-devel-3.12.3.99.3-1.el4_8.2.ppc.rpm
File outdated by:  RHSA-2011:0472
    MD5: 15147e25bf1980a99805acf9de9419cf
nss-tools-3.12.3.99.3-1.el4_8.2.ppc.rpm
File outdated by:  RHSA-2011:0472
    MD5: accf631b309bd1213181b73fa19a2df8
 
s390:
nspr-4.7.4-1.el4_8.1.s390.rpm
File outdated by:  RHSA-2010:0681
    MD5: 0f22d8a098a59753a37b519e3d9ff6d0
nspr-devel-4.7.4-1.el4_8.1.s390.rpm
File outdated by:  RHSA-2010:0681
    MD5: e801a5676b5972dd463e4eec145f6844
nss-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:0472
    MD5: afa67fe8579daae482e2d9536393f230
nss-devel-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:0472
    MD5: bc3c754673884b8e2ea46ba5ca57031f
nss-tools-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:0472
    MD5: cb5aef2ed9db394c77acb4bd9da7812c
 
s390x:
nspr-4.7.4-1.el4_8.1.s390.rpm
File outdated by:  RHSA-2010:0681
    MD5: 0f22d8a098a59753a37b519e3d9ff6d0
nspr-4.7.4-1.el4_8.1.s390x.rpm
File outdated by:  RHSA-2010:0681
    MD5: ba1de41cb73038653d94e0816553fb7d
nspr-devel-4.7.4-1.el4_8.1.s390x.rpm
File outdated by:  RHSA-2010:0681
    MD5: f258e124df630b41de320b041268b958
nss-3.12.3.99.3-1.el4_8.2.s390.rpm
File outdated by:  RHSA-2011:0472
    MD5: afa67fe8579daae482e2d9536393f230
nss-3.12.3.99.3-1.el4_8.2.s390x.rpm
File outdated by:  RHSA-2011:0472
    MD5: d77bdd678ff45b4e31c91f04dccecca1
nss-devel-3.12.3.99.3-1.el4_8.2.s390x.rpm
File outdated by:  RHSA-2011:0472
    MD5: d938adb3cfa652239cddfdcf7c9c3ca7
nss-tools-3.12.3.99.3-1.el4_8.2.s390x.rpm
File outdated by:  RHSA-2011:0472
    MD5: 6e23c2eefdc08a0b3cea01f5a38d3327
 
x86_64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2010:0681
    MD5: d936f75e749dd41375d993288e7842b3
nspr-devel-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2010:0681
    MD5: a69b53bbba24b9aaa658576f1a959417
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 1f45595ac3a380a59a9d3d184f095f2d
nss-devel-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 62a9345f727289f8bdcfa11e13cbb779
nss-tools-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:0472
    MD5: c45f85ef7f83fd7240987c2e68c818f8
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
nspr-4.7.4-1.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1282
    MD5: 2bce31cad7ae6353cb7ae6fbf6275551
nss-3.12.3.99.3-1.el4_8.2.src.rpm
File outdated by:  RHSA-2011:1444
    MD5: 179f37478ee864d74e43e41da15706e5
 
IA-32:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-devel-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 7e8dd1e3eaa3c4f702b6ba7b850e5e5d
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-devel-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2053efa039d0d847e32afeb246a4c0ca
nss-tools-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2653669d30709d188089e247567ba9f7
 
IA-64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1282
    MD5: 3c549da88cc3d7198975e5d0b9eee3aa
nspr-devel-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1282
    MD5: 7f4716759a974afb805a8438c866c6b8
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: d4350804a0c6c43de36e983efd0a5550
nss-devel-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 019c6a5aa5301760f5deee02b66c8259
nss-tools-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 13f00fa2bced1a09754053ce2d41ec63
 
x86_64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: d936f75e749dd41375d993288e7842b3
nspr-devel-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: a69b53bbba24b9aaa658576f1a959417
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 1f45595ac3a380a59a9d3d184f095f2d
nss-devel-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 62a9345f727289f8bdcfa11e13cbb779
nss-tools-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: c45f85ef7f83fd7240987c2e68c818f8
 
Red Hat Enterprise Linux ES (v. 4.8.z)

SRPMS:
nspr-4.7.4-1.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1282
    MD5: 2bce31cad7ae6353cb7ae6fbf6275551
nss-3.12.3.99.3-1.el4_8.2.src.rpm
File outdated by:  RHSA-2011:1444
    MD5: 179f37478ee864d74e43e41da15706e5
 
IA-32:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-devel-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 7e8dd1e3eaa3c4f702b6ba7b850e5e5d
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: e6325e1803751087cc5f35b03353a05b
nss-devel-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: 2053efa039d0d847e32afeb246a4c0ca
nss-tools-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: 2653669d30709d188089e247567ba9f7
 
IA-64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2010:0681
    MD5: 3c549da88cc3d7198975e5d0b9eee3aa
nspr-devel-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2010:0681
    MD5: 7f4716759a974afb805a8438c866c6b8
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:0472
    MD5: d4350804a0c6c43de36e983efd0a5550
nss-devel-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 019c6a5aa5301760f5deee02b66c8259
nss-tools-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 13f00fa2bced1a09754053ce2d41ec63
 
x86_64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2010:0681
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2010:0681
    MD5: d936f75e749dd41375d993288e7842b3
nspr-devel-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2010:0681
    MD5: a69b53bbba24b9aaa658576f1a959417
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:0472
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 1f45595ac3a380a59a9d3d184f095f2d
nss-devel-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:0472
    MD5: 62a9345f727289f8bdcfa11e13cbb779
nss-tools-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:0472
    MD5: c45f85ef7f83fd7240987c2e68c818f8
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
nspr-4.7.4-1.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1282
    MD5: 2bce31cad7ae6353cb7ae6fbf6275551
nss-3.12.3.99.3-1.el4_8.2.src.rpm
File outdated by:  RHSA-2011:1444
    MD5: 179f37478ee864d74e43e41da15706e5
 
IA-32:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-devel-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 7e8dd1e3eaa3c4f702b6ba7b850e5e5d
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-devel-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2053efa039d0d847e32afeb246a4c0ca
nss-tools-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: 2653669d30709d188089e247567ba9f7
 
IA-64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1282
    MD5: 3c549da88cc3d7198975e5d0b9eee3aa
nspr-devel-4.7.4-1.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1282
    MD5: 7f4716759a974afb805a8438c866c6b8
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: d4350804a0c6c43de36e983efd0a5550
nss-devel-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 019c6a5aa5301760f5deee02b66c8259
nss-tools-3.12.3.99.3-1.el4_8.2.ia64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 13f00fa2bced1a09754053ce2d41ec63
 
x86_64:
nspr-4.7.4-1.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1282
    MD5: 910fca8b15b3564661520c635f9c5eb1
nspr-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: d936f75e749dd41375d993288e7842b3
nspr-devel-4.7.4-1.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1282
    MD5: a69b53bbba24b9aaa658576f1a959417
nss-3.12.3.99.3-1.el4_8.2.i386.rpm
File outdated by:  RHSA-2011:1444
    MD5: e6325e1803751087cc5f35b03353a05b
nss-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 1f45595ac3a380a59a9d3d184f095f2d
nss-devel-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: 62a9345f727289f8bdcfa11e13cbb779
nss-tools-3.12.3.99.3-1.el4_8.2.x86_64.rpm
File outdated by:  RHSA-2011:1444
    MD5: c45f85ef7f83fd7240987c2e68c818f8
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

508027 - rhcs80beta TPS and mod_nss with NSSOCSP has ssl errors and unable to use agent service
510197 - CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)
510251 - CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly
512912 - CVE-2009-2404 nss regexp heap overflow


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/