Mangelnde Prüfung von Zertifikaten in nss-util
ID: | FEDORA-2014-1120 |
Distribution: | Fedora |
Plattformen: | Fedora 20 |
Datum: | Di, 21. Januar 2014, 07:56 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740 |
Applikationen: | NSS |
Originalnachricht |
|
Name : nss-util Product : Fedora 20 Version : 3.15.4 Release : 1.fc20 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Utilities Library Description : Utilities for Network Security Services and the Softoken module -------------------------------------------------------------------------------- Update Information: Update of the nss, nss-softokn, and nss-util packages to nss-3.15.4, a patch release for NSS 3.15 which includes the following security-relevant bug: (CVE-2013-1740) When false start is enabled, libssl will sometimes return unencrypted, unauthenticated data from PR_Recv For further details refer to the nss upstream release notes at https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.4_release_notes -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 7 2014 Elio Maldonado |