Skip to navigation

Security Advisory Important: nss and nspr security, bug fix, and enhancement update

Advisory: RHSA-2013:1791-1
Type: Security Advisory
Severity: Important
Issued on: 2013-12-05
Last updated on: 2013-12-05
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2013-1739
CVE-2013-1741
CVE-2013-5605
CVE-2013-5606
CVE-2013-5607

Details

Updated nss and nspr packages that fix multiple security issues, several
bugs, and add various enhancements are now available for Red Hat Enterprise
Linux 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications. Netscape Portable Runtime (NSPR) provides platform
independence for non-GUI operating system facilities.

A flaw was found in the way NSS handled invalid handshake packets. A remote
attacker could use this flaw to cause a TLS/SSL client using NSS to crash
or, possibly, execute arbitrary code with the privileges of the user
running the application. (CVE-2013-5605)

It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135
introduced a regression causing NSS to read uninitialized data when a
decryption failure occurred. A remote attacker could use this flaw to cause
a TLS/SSL server using NSS to crash. (CVE-2013-1739)

An integer overflow flaw was discovered in both NSS and NSPR's
implementation of certification parsing on 64-bit systems. A remote
attacker could use these flaws to cause an application using NSS or NSPR to
crash. (CVE-2013-1741, CVE-2013-5607)

It was discovered that NSS did not reject certificates with incompatible
key usage constraints when validating them while the verifyLog feature was
enabled. An application using the NSS certificate validation API could
accept an invalid certificate. (CVE-2013-5606)

Red Hat would like to thank the Mozilla project for reporting
CVE-2013-1741, CVE-2013-5606, and CVE-2013-5607. Upstream acknowledges
Tavis Ormandy as the original reporter of CVE-2013-1741, Camilo Viecco as
the original reporter of CVE-2013-5606, and Pascal Cuoq, Kamil Dudka, and
Wan-Teh Chang as the original reporters of CVE-2013-5607.

In addition, the nss package has been upgraded to upstream version 3.15.3,
and the nspr package has been upgraded to upstream version 4.10.2.
These updates provide a number of bug fixes and enhancements over the
previous versions. (BZ#1033478, BZ#1020520)

This update also fixes the following bug:

* The RHBA-2013:1318 update introduced a regression that prevented the use
of certificates that have an MD5 signature. This update fixes this
regression and certificates that have an MD5 signature are once again
supported. To prevent the use of certificates that have an MD5 signature,
set the "NSS_HASH_ALG_SUPPORT" environment variable to "-MD5". (BZ#1033499)

Users of NSS and NSPR are advised to upgrade to these updated packages,
which fix these issues and add these enhancements. After installing this
update, applications using NSS or NSPR must be restarted for this update to
take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
nspr-4.10.2-2.el5_10.src.rpm     MD5: 597c2da8866e4750c7d3e224e8d76969
SHA-256: fcbbd12d49123657ce79eed12cb5a92bcf1ae24a71ad4d2a844c39d564ad148c
nss-3.15.3-3.el5_10.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 93012b3957cc2f7588099850b2b0c597
SHA-256: 4d06c4c92bb643866fb2f7d745d0f640c9a5fcd6d636e68487b0181c880bc24f
 
IA-32:
nspr-debuginfo-4.10.2-2.el5_10.i386.rpm     MD5: 21d7f32a939d2afb11fa73aa9a31ef5e
SHA-256: 5d938e9aa0713b7b8cdbb4c879522cc9d78186ac99ef1c1e42d5592f8862573e
nspr-devel-4.10.2-2.el5_10.i386.rpm     MD5: e13dd3efc145a728a91292254a7e38d8
SHA-256: c6f91202a0add3d726b4b0372b7fecfc2cd3684b64cbad49c9ab04c250d28a3f
nss-debuginfo-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 446accf859ef956bf5fd7ad2b51287de
SHA-256: ab755e2a36d87f5250ac5a14021136fcb6b2b227a31904cd7bffc4b79211598e
nss-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: b231c7fa893c1c5b73fa0b946dbe34bd
SHA-256: 5db6988113f9b5bbf1ea60cef18c147143053ff3dce36566d756f11ae5436be5
nss-pkcs11-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: e270a346473c09e2a018a6202edf72d7
SHA-256: 030bb74aade851e41a228c2e12d253c7fcb86996c3e62a98d4f38038b1ce11dc
 
x86_64:
nspr-debuginfo-4.10.2-2.el5_10.i386.rpm     MD5: 21d7f32a939d2afb11fa73aa9a31ef5e
SHA-256: 5d938e9aa0713b7b8cdbb4c879522cc9d78186ac99ef1c1e42d5592f8862573e
nspr-debuginfo-4.10.2-2.el5_10.x86_64.rpm     MD5: 6b70cbbf595d7636d0f8541665a29fe9
SHA-256: 867dacc9c294393c92b46afd046bc22a7c9574781182a4e3994414bbef482d82
nspr-devel-4.10.2-2.el5_10.i386.rpm     MD5: e13dd3efc145a728a91292254a7e38d8
SHA-256: c6f91202a0add3d726b4b0372b7fecfc2cd3684b64cbad49c9ab04c250d28a3f
nspr-devel-4.10.2-2.el5_10.x86_64.rpm     MD5: aeb814a5be0ecc922e35b71ca923217b
SHA-256: 15ff51f94fea5d986f4d8dee3b4f7ffc274ac4f1a3a0ff4c8c9e5a4965159319
nss-debuginfo-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 446accf859ef956bf5fd7ad2b51287de
SHA-256: ab755e2a36d87f5250ac5a14021136fcb6b2b227a31904cd7bffc4b79211598e
nss-debuginfo-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: abd34c5c46798f958ac413e59281ac01
SHA-256: f4199f68c02b9f72c403070037c22c52c6a66426d5acf679c2b6b41817910cc1
nss-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: b231c7fa893c1c5b73fa0b946dbe34bd
SHA-256: 5db6988113f9b5bbf1ea60cef18c147143053ff3dce36566d756f11ae5436be5
nss-devel-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 2fe3fa8d2eb0c1341070868585f3e8a2
SHA-256: 62c2c49bbddecaf5e89234a982f0c5026daa0b7f9991170056b532005c4defe7
nss-pkcs11-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: e270a346473c09e2a018a6202edf72d7
SHA-256: 030bb74aade851e41a228c2e12d253c7fcb86996c3e62a98d4f38038b1ce11dc
nss-pkcs11-devel-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: bad64e48c0da1fbd26d4ab1a068614a9
SHA-256: 7094b16a97e21ba007c844f7c7d8edbc1637d2fad27249e87c99193ff543d4ac
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
nspr-4.10.2-2.el5_10.src.rpm     MD5: 597c2da8866e4750c7d3e224e8d76969
SHA-256: fcbbd12d49123657ce79eed12cb5a92bcf1ae24a71ad4d2a844c39d564ad148c
nss-3.15.3-3.el5_10.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 93012b3957cc2f7588099850b2b0c597
SHA-256: 4d06c4c92bb643866fb2f7d745d0f640c9a5fcd6d636e68487b0181c880bc24f
 
IA-32:
nspr-4.10.2-2.el5_10.i386.rpm     MD5: 8658787a9cb545daddbc5d351c8dc0c4
SHA-256: d49fa42be509b5cd97176595995bb9f870912fbe99717cba5a0a701febced5a9
nspr-debuginfo-4.10.2-2.el5_10.i386.rpm     MD5: 21d7f32a939d2afb11fa73aa9a31ef5e
SHA-256: 5d938e9aa0713b7b8cdbb4c879522cc9d78186ac99ef1c1e42d5592f8862573e
nspr-devel-4.10.2-2.el5_10.i386.rpm     MD5: e13dd3efc145a728a91292254a7e38d8
SHA-256: c6f91202a0add3d726b4b0372b7fecfc2cd3684b64cbad49c9ab04c250d28a3f
nss-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 9832bd0f6f263679e362aff901203725
SHA-256: c3e7c2ae02dd3c15688b011c6d0a726244a8b538ec9c9fd2e0a297442017f897
nss-debuginfo-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 446accf859ef956bf5fd7ad2b51287de
SHA-256: ab755e2a36d87f5250ac5a14021136fcb6b2b227a31904cd7bffc4b79211598e
nss-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: b231c7fa893c1c5b73fa0b946dbe34bd
SHA-256: 5db6988113f9b5bbf1ea60cef18c147143053ff3dce36566d756f11ae5436be5
nss-pkcs11-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: e270a346473c09e2a018a6202edf72d7
SHA-256: 030bb74aade851e41a228c2e12d253c7fcb86996c3e62a98d4f38038b1ce11dc
nss-tools-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 83daaa4d47396f43ce66f06d96923dde
SHA-256: ddaaa72b447d4a10c65af33542b066eb98a131a0955ed5fc3514397e438eac80
 
IA-64:
nspr-4.10.2-2.el5_10.i386.rpm     MD5: 8658787a9cb545daddbc5d351c8dc0c4
SHA-256: d49fa42be509b5cd97176595995bb9f870912fbe99717cba5a0a701febced5a9
nspr-4.10.2-2.el5_10.ia64.rpm     MD5: ba20cbc97371856de4cc36103221a38f
SHA-256: 76d41dad7983a51e0afc13586087eb564dba05779478dcc6d1685cb0237e970f
nspr-debuginfo-4.10.2-2.el5_10.i386.rpm     MD5: 21d7f32a939d2afb11fa73aa9a31ef5e
SHA-256: 5d938e9aa0713b7b8cdbb4c879522cc9d78186ac99ef1c1e42d5592f8862573e
nspr-debuginfo-4.10.2-2.el5_10.ia64.rpm     MD5: fd05f3b3533b68a21ec39008de20db0b
SHA-256: f4ab6e3e4bf673ac27986eb33ba0b4c18373f8cd5db956cba1d30e5701281b3c
nspr-devel-4.10.2-2.el5_10.ia64.rpm     MD5: 043227c5d3f168c70d17c8f7034d497c
SHA-256: 3b61990d19a827e51cc3dc85febff612623dbc84f5523a009d28c671673f9dbb
nss-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 9832bd0f6f263679e362aff901203725
SHA-256: c3e7c2ae02dd3c15688b011c6d0a726244a8b538ec9c9fd2e0a297442017f897
nss-3.15.3-3.el5_10.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 2b864a80bf2a7039a6ac9f1cfe511fc2
SHA-256: ed04d40c740c935eb5d5032d28bbee343e0af8c3fd0c48cd439491ccfe3b357a
nss-debuginfo-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 446accf859ef956bf5fd7ad2b51287de
SHA-256: ab755e2a36d87f5250ac5a14021136fcb6b2b227a31904cd7bffc4b79211598e
nss-debuginfo-3.15.3-3.el5_10.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: e7cb0d0739e5c62ebe668c84903528d0
SHA-256: 14b5a3bb76129de544dda260a232394b1cf0d3fbdd6c8b0079206c1f0ec6227a
nss-devel-3.15.3-3.el5_10.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 75b7597c2fcb81c0e803fd7f91ec4470
SHA-256: 914514b77e031ab2e6fc7a2c870500ee079d682d0472392f8f98243e04149e1d
nss-pkcs11-devel-3.15.3-3.el5_10.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 4caaba77912330958a7c9e2c7b12654d
SHA-256: b87c4aa178e55f882a04b007d4077daf832649803ddda5119113b1629f1a35b9
nss-tools-3.15.3-3.el5_10.ia64.rpm
File outdated by:  RHSA-2013:1861
    MD5: b821c55c6bbabb0bc55f8af136e6bd14
SHA-256: 53268f8a3bad6c343414e6316c32fb4333615313f194173b9b3600a2dab988d7
 
PPC:
nspr-4.10.2-2.el5_10.ppc.rpm     MD5: 1c32ee6aba06426b25fb4965e3f3d1ed
SHA-256: f8086c54bdcc1de4dbaafe8d8c206e387915b354b693d5d831b9b414cafa54e0
nspr-4.10.2-2.el5_10.ppc64.rpm     MD5: 525aba08b8dfe86adac1ed736a9f1e16
SHA-256: 97241f215d12325faa0b44069f466a2b099eb9a049c4cec4541cbd088e0d0803
nspr-debuginfo-4.10.2-2.el5_10.ppc.rpm     MD5: 8f80aa646fc75433ec2b8a6054bd5025
SHA-256: 4912de0633943e7ae83e427b18448bdbeb9f96ebe635dc7de2c85b7dafe1af5d
nspr-debuginfo-4.10.2-2.el5_10.ppc64.rpm     MD5: d82607482e40af6a9e93b4e59761bbeb
SHA-256: 97d26ae6da894c109fe581c2198dea11cab1a04a6513823f688388b04605f256
nspr-devel-4.10.2-2.el5_10.ppc.rpm     MD5: 813771f7eaf888d079699580c83ee396
SHA-256: 6517141d037b1399418b9079562b2062717e6006c90a0b81f7e05409fce6b9bf
nspr-devel-4.10.2-2.el5_10.ppc64.rpm     MD5: de49508245b28cc9126a830142f0ef22
SHA-256: 746f17513ed085cf00a0f336983496b895cd7591dbb246420d8f477240868e96
nss-3.15.3-3.el5_10.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: c6d7cb76b25684ba8f7a2cc60068252f
SHA-256: 89c7dc03cf3de630601122ed5e203db336b88b8d60b4ebc30da0d15ea0b547d1
nss-3.15.3-3.el5_10.ppc64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 909bbf8f2c13d2269186372f7dc8767d
SHA-256: 34033f113f4f13af706edd273ccc9e205d33753ab0af6e1920c5b9dc460b8f66
nss-debuginfo-3.15.3-3.el5_10.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: f615a6c02bd2209b0f13a65e71120c71
SHA-256: 8e9bf9f0519fea294a034aa5cd7e36d6b3330f2365d1935831dff3d749c56b42
nss-debuginfo-3.15.3-3.el5_10.ppc64.rpm
File outdated by:  RHSA-2013:1861
    MD5: b660f64fe5016e0eaf7d82cbe4491013
SHA-256: 121dd336702420550c80992ee5acd81a722fda06130f5db3636d8ed6a32c8252
nss-devel-3.15.3-3.el5_10.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: 47cd74e120a43e7f2a5724a5b1dd3041
SHA-256: a31a6131a4b7688e8f17d338e1a8dcc6f5f61a637105fa97f3e52d0287c3503c
nss-devel-3.15.3-3.el5_10.ppc64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7061e91f873ca87af03f5cc5eb9555f2
SHA-256: 157e9eb24efdd5e6e9be3fb5b7db0fbf2972934a32cd99ce3b95b76f8280864f
nss-pkcs11-devel-3.15.3-3.el5_10.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: d9a6e6c98f7f1aa07771db020490ef73
SHA-256: 0f1489cfdc48d7afcf390a93e013c97250669a0b12a934f896d7b02c4aa6b852
nss-pkcs11-devel-3.15.3-3.el5_10.ppc64.rpm
File outdated by:  RHSA-2013:1861
    MD5: d518682102a255820253ffbf400c4b2a
SHA-256: 290dd9077212a1266cfb39249b12da302aec37a7b3af53bf588491ae8acc1e39
nss-tools-3.15.3-3.el5_10.ppc.rpm
File outdated by:  RHSA-2013:1861
    MD5: 6463202a9d57d21a026d2c528d141159
SHA-256: ef3c948ce39fe8159a31456d0188c8c222f0195f06d70f1ae07124e35aba060d
 
s390x:
nspr-4.10.2-2.el5_10.s390.rpm     MD5: 0a0146f6555451ccfac90f5c408dcdbd
SHA-256: 3b7f46554f7a9ceba6bbc91aebf74ddf0d47ddc5af0dfae79edadb029652c5ac
nspr-4.10.2-2.el5_10.s390x.rpm     MD5: 626b7d18be240dde28fffcb19660bb61
SHA-256: feaa346091fc959c2f261cf8689eff9d01139dfad71cbaed4b8eaa13e0a1f905
nspr-debuginfo-4.10.2-2.el5_10.s390.rpm     MD5: d91e5d86a380104403d681815fb0a1e5
SHA-256: 3bd8c26ccb49cfb3830a62cb2365ccc79e420527addec8008bb95f245184545e
nspr-debuginfo-4.10.2-2.el5_10.s390x.rpm     MD5: 716066c94fd33be64c191d05bea7568d
SHA-256: 0d460996ba755673a35443f90cd2d3f474630c61ac0fec9ecac885a73de281e1
nspr-devel-4.10.2-2.el5_10.s390.rpm     MD5: 57b09f768c9a2e6913b484ac9b7bd5bf
SHA-256: ba853e5172c9cc06a5e51f3438ae3e144a421a4a83f791ad0b97165e325cf61c
nspr-devel-4.10.2-2.el5_10.s390x.rpm     MD5: 99e3b4372a2d989a433ac0236201c516
SHA-256: 02231d19ffd8f86f7dd82f57232a9fe3a34f9ebb64968d49c4d79bab4de38bc1
nss-3.15.3-3.el5_10.s390.rpm
File outdated by:  RHSA-2013:1861
    MD5: 294ce380ddd08d04fe7ef364bb56bf7e
SHA-256: 60112225febb99aa57a884c6c5b001db138d05deed71e6c17faae02159867659
nss-3.15.3-3.el5_10.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: 0a1bed7f9a179f051742e8b813562821
SHA-256: 119d50371853b252d0a478bd740c168f3c24f1b48ed2d7f842fa28db6a5bc7af
nss-debuginfo-3.15.3-3.el5_10.s390.rpm
File outdated by:  RHSA-2013:1861
    MD5: f1d9f50999d1ace4addb296d40747ff7
SHA-256: 8b903a61b8137bd92f78f3d8f08127b7f6cec02c9da7c0a634e7cb52c82855fb
nss-debuginfo-3.15.3-3.el5_10.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: 818506e7abde28231e36911578826c99
SHA-256: e210dcfe40acc9077e3c7f407bae8a18152e197d1d06ea9a1890916bf7eacdca
nss-devel-3.15.3-3.el5_10.s390.rpm
File outdated by:  RHSA-2013:1861
    MD5: a7d5e1d5755a9c1263470043544ba9b9
SHA-256: 162706d560512154980aa4e4f0b5f99ab3747a9eb8759b8191565758cb75ead2
nss-devel-3.15.3-3.el5_10.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: a8a87e62318cfa6fe4fd793f5146bc30
SHA-256: 8da059a38e7b6dce93bf3f35471b38cfc41f99b933c13773a76b1a339b97cc59
nss-pkcs11-devel-3.15.3-3.el5_10.s390.rpm
File outdated by:  RHSA-2013:1861
    MD5: ecbd23834c2142e36fcb7d056468b374
SHA-256: cf9a9ba72855e19e24ca6e2fa8f98c46ea2efa97044f3a78692b4464e7b944aa
nss-pkcs11-devel-3.15.3-3.el5_10.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: 60cae9ea2ccb00c83f44855fcacc0dc4
SHA-256: a15a9e5d3b1da54345d4dc01a551af1e4e3f08fcd6cd162bc960ce4bee9d2101
nss-tools-3.15.3-3.el5_10.s390x.rpm
File outdated by:  RHSA-2013:1861
    MD5: 7538a88ddca9798a41277546914a4242
SHA-256: 27ac145a0fc4249f1b576c2d60c16a04febb96f128835d00934ce00e1360f7ca
 
x86_64:
nspr-4.10.2-2.el5_10.i386.rpm     MD5: 8658787a9cb545daddbc5d351c8dc0c4
SHA-256: d49fa42be509b5cd97176595995bb9f870912fbe99717cba5a0a701febced5a9
nspr-4.10.2-2.el5_10.x86_64.rpm     MD5: 4501985427546958710cd6c76e2d0717
SHA-256: e0ee88e84ada439facbecacfff56d533b8f8c9d2e4b328259d2c205d5118e768
nspr-debuginfo-4.10.2-2.el5_10.i386.rpm     MD5: 21d7f32a939d2afb11fa73aa9a31ef5e
SHA-256: 5d938e9aa0713b7b8cdbb4c879522cc9d78186ac99ef1c1e42d5592f8862573e
nspr-debuginfo-4.10.2-2.el5_10.x86_64.rpm     MD5: 6b70cbbf595d7636d0f8541665a29fe9
SHA-256: 867dacc9c294393c92b46afd046bc22a7c9574781182a4e3994414bbef482d82
nspr-devel-4.10.2-2.el5_10.i386.rpm     MD5: e13dd3efc145a728a91292254a7e38d8
SHA-256: c6f91202a0add3d726b4b0372b7fecfc2cd3684b64cbad49c9ab04c250d28a3f
nspr-devel-4.10.2-2.el5_10.x86_64.rpm     MD5: aeb814a5be0ecc922e35b71ca923217b
SHA-256: 15ff51f94fea5d986f4d8dee3b4f7ffc274ac4f1a3a0ff4c8c9e5a4965159319
nss-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 9832bd0f6f263679e362aff901203725
SHA-256: c3e7c2ae02dd3c15688b011c6d0a726244a8b538ec9c9fd2e0a297442017f897
nss-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 9785d61a806a1162c4fc923a1a8ca597
SHA-256: 8b2c0104929c31e599aa6e88c49a9ecc9d420dbbfd0ca99705af6cd824ab82ed
nss-debuginfo-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 446accf859ef956bf5fd7ad2b51287de
SHA-256: ab755e2a36d87f5250ac5a14021136fcb6b2b227a31904cd7bffc4b79211598e
nss-debuginfo-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: abd34c5c46798f958ac413e59281ac01
SHA-256: f4199f68c02b9f72c403070037c22c52c6a66426d5acf679c2b6b41817910cc1
nss-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: b231c7fa893c1c5b73fa0b946dbe34bd
SHA-256: 5db6988113f9b5bbf1ea60cef18c147143053ff3dce36566d756f11ae5436be5
nss-devel-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 2fe3fa8d2eb0c1341070868585f3e8a2
SHA-256: 62c2c49bbddecaf5e89234a982f0c5026daa0b7f9991170056b532005c4defe7
nss-pkcs11-devel-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: e270a346473c09e2a018a6202edf72d7
SHA-256: 030bb74aade851e41a228c2e12d253c7fcb86996c3e62a98d4f38038b1ce11dc
nss-pkcs11-devel-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: bad64e48c0da1fbd26d4ab1a068614a9
SHA-256: 7094b16a97e21ba007c844f7c7d8edbc1637d2fad27249e87c99193ff543d4ac
nss-tools-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 226ec306f059e80cf85b6555ce402d2f
SHA-256: 7fe1a75cda60f63e6710aac4f69d3e29ecc7986d05c91d670c96e9f640864555
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
nspr-4.10.2-2.el5_10.src.rpm     MD5: 597c2da8866e4750c7d3e224e8d76969
SHA-256: fcbbd12d49123657ce79eed12cb5a92bcf1ae24a71ad4d2a844c39d564ad148c
nss-3.15.3-3.el5_10.src.rpm
File outdated by:  RHSA-2013:1861
    MD5: 93012b3957cc2f7588099850b2b0c597
SHA-256: 4d06c4c92bb643866fb2f7d745d0f640c9a5fcd6d636e68487b0181c880bc24f
 
IA-32:
nspr-4.10.2-2.el5_10.i386.rpm     MD5: 8658787a9cb545daddbc5d351c8dc0c4
SHA-256: d49fa42be509b5cd97176595995bb9f870912fbe99717cba5a0a701febced5a9
nspr-debuginfo-4.10.2-2.el5_10.i386.rpm     MD5: 21d7f32a939d2afb11fa73aa9a31ef5e
SHA-256: 5d938e9aa0713b7b8cdbb4c879522cc9d78186ac99ef1c1e42d5592f8862573e
nss-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 9832bd0f6f263679e362aff901203725
SHA-256: c3e7c2ae02dd3c15688b011c6d0a726244a8b538ec9c9fd2e0a297442017f897
nss-debuginfo-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 446accf859ef956bf5fd7ad2b51287de
SHA-256: ab755e2a36d87f5250ac5a14021136fcb6b2b227a31904cd7bffc4b79211598e
nss-tools-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 83daaa4d47396f43ce66f06d96923dde
SHA-256: ddaaa72b447d4a10c65af33542b066eb98a131a0955ed5fc3514397e438eac80
 
x86_64:
nspr-4.10.2-2.el5_10.i386.rpm     MD5: 8658787a9cb545daddbc5d351c8dc0c4
SHA-256: d49fa42be509b5cd97176595995bb9f870912fbe99717cba5a0a701febced5a9
nspr-4.10.2-2.el5_10.x86_64.rpm     MD5: 4501985427546958710cd6c76e2d0717
SHA-256: e0ee88e84ada439facbecacfff56d533b8f8c9d2e4b328259d2c205d5118e768
nspr-debuginfo-4.10.2-2.el5_10.i386.rpm     MD5: 21d7f32a939d2afb11fa73aa9a31ef5e
SHA-256: 5d938e9aa0713b7b8cdbb4c879522cc9d78186ac99ef1c1e42d5592f8862573e
nspr-debuginfo-4.10.2-2.el5_10.x86_64.rpm     MD5: 6b70cbbf595d7636d0f8541665a29fe9
SHA-256: 867dacc9c294393c92b46afd046bc22a7c9574781182a4e3994414bbef482d82
nss-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 9832bd0f6f263679e362aff901203725
SHA-256: c3e7c2ae02dd3c15688b011c6d0a726244a8b538ec9c9fd2e0a297442017f897
nss-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 9785d61a806a1162c4fc923a1a8ca597
SHA-256: 8b2c0104929c31e599aa6e88c49a9ecc9d420dbbfd0ca99705af6cd824ab82ed
nss-debuginfo-3.15.3-3.el5_10.i386.rpm
File outdated by:  RHSA-2013:1861
    MD5: 446accf859ef956bf5fd7ad2b51287de
SHA-256: ab755e2a36d87f5250ac5a14021136fcb6b2b227a31904cd7bffc4b79211598e
nss-debuginfo-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: abd34c5c46798f958ac413e59281ac01
SHA-256: f4199f68c02b9f72c403070037c22c52c6a66426d5acf679c2b6b41817910cc1
nss-tools-3.15.3-3.el5_10.x86_64.rpm
File outdated by:  RHSA-2013:1861
    MD5: 226ec306f059e80cf85b6555ce402d2f
SHA-256: 7fe1a75cda60f63e6710aac4f69d3e29ecc7986d05c91d670c96e9f640864555
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1012740 - CVE-2013-1739 nss: Avoid uninitialized data read in the event of a decryption failure
1030807 - CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103)
1031457 - CVE-2013-5606 nss: CERT_VerifyCert returns SECSuccess (saying certificate is good) even for bad certificates (MFSA 2013-103)
1031458 - CVE-2013-1741 nss: Integer truncation in certificate parsing (MFSA 2013-103)
1031461 - CVE-2013-5607 nspr: Avoid unsigned integer wrapping in PL_ArenaAllocate (MFSA 2013-103)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/