Oracle Linux Security Advisory ELSA-2013-1144

https://access.redhat.com/errata/RHSA-2013:1144.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
nspr-4.9.5-2.el6_4.i686.rpm
nspr-devel-4.9.5-2.el6_4.i686.rpm
nss-3.14.3-4.0.1.el6_4.i686.rpm
nss-devel-3.14.3-4.0.1.el6_4.i686.rpm
nss-pkcs11-devel-3.14.3-4.0.1.el6_4.i686.rpm
nss-softokn-3.14.3-3.el6_4.i686.rpm
nss-softokn-devel-3.14.3-3.el6_4.i686.rpm
nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm
nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm
nss-sysinit-3.14.3-4.0.1.el6_4.i686.rpm
nss-tools-3.14.3-4.0.1.el6_4.i686.rpm
nss-util-3.14.3-3.el6_4.i686.rpm
nss-util-devel-3.14.3-3.el6_4.i686.rpm

x86_64:
nspr-4.9.5-2.el6_4.i686.rpm
nspr-4.9.5-2.el6_4.x86_64.rpm
nspr-devel-4.9.5-2.el6_4.i686.rpm
nspr-devel-4.9.5-2.el6_4.x86_64.rpm
nss-3.14.3-4.0.1.el6_4.i686.rpm
nss-3.14.3-4.0.1.el6_4.x86_64.rpm
nss-devel-3.14.3-4.0.1.el6_4.i686.rpm
nss-devel-3.14.3-4.0.1.el6_4.x86_64.rpm
nss-pkcs11-devel-3.14.3-4.0.1.el6_4.i686.rpm
nss-pkcs11-devel-3.14.3-4.0.1.el6_4.x86_64.rpm
nss-softokn-3.14.3-3.el6_4.i686.rpm
nss-softokn-3.14.3-3.el6_4.x86_64.rpm
nss-softokn-devel-3.14.3-3.el6_4.i686.rpm
nss-softokn-devel-3.14.3-3.el6_4.x86_64.rpm
nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm
nss-softokn-freebl-3.14.3-3.el6_4.x86_64.rpm
nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm
nss-softokn-freebl-devel-3.14.3-3.el6_4.x86_64.rpm
nss-sysinit-3.14.3-4.0.1.el6_4.x86_64.rpm
nss-tools-3.14.3-4.0.1.el6_4.x86_64.rpm
nss-util-3.14.3-3.el6_4.i686.rpm
nss-util-3.14.3-3.el6_4.x86_64.rpm
nss-util-devel-3.14.3-3.el6_4.i686.rpm
nss-util-devel-3.14.3-3.el6_4.x86_64.rpm


SRPMS:
https://oss.oracle.com:443/ol6/SRPMS-updates/nspr-4.9.5-2.el6_4.src.rpm
https://oss.oracle.com:443/ol6/SRPMS-updates/nss-3.14.3-4.0.1.el6_4.src.rpm
https://oss.oracle.com:443/ol6/SRPMS-updates/nss-softokn-3.14.3-3.el6_4.src.rpm
https://oss.oracle.com:443/ol6/SRPMS-updates/nss-util-3.14.3-3.el6_4.src.rpm



Description of changes:

nspr
[4.9.5-2]
- Update to NSPR_4_9_5_RTM
- Resolves: rhbz#927186 - Rebase to nspr-4.9.5
- Add upstream URL for an existing patch per packaging guidelines

[4.9.5-1]
- Resolves: Rebase to nspr-4.9.5

[4.9.2-1]
- Update to nspr-4.9.2
- Related: rhbz#863286

nss
[3.14.3-4.0.1.el6_4]
- Added nss-vendor.patch to change vendor

[3.14.3-4]
- Revert to accepting MD5 on digital signatures by default
- Resolves: rhbz#957603 - nss 3.14 - MD5 hash algorithm disabled

[3.14.3-3]
- Ensure pem uses system freebl as with this update freebl brings in new 
API's
- Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the 
lucky-13 issue

[3.14.3-2]
- Install sechash.h and secmodt.h which are now provided by nss-devel
- Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the 
lucky-13 issue
- Remove unsafe -r option from commands that remove headers already 
shipped by nss-util and nss-softoken

[3.14.3-1]
- Update to NSS_3.14.3_RTM
- Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the 
lucky-13 issue
- Update expired test certificates (fixed in upstream bug 852781)
- Sync up pem module's rsawrapr.c with softoken's upstream changes for 
nss-3.14.3
- Reactivate the aia tests

nss-softokn
[3.14.3-3]
- Add patch to conditionally compile according to old or new sqlite api
- new is used on rhel-6 while rhel-5 uses old but we need the same code 
for both
- Resolves: rhbz#927158 - Rebase to nss-softokn 3.14.3 to fix the 
lucky-13 issue

[3.14.3-2]
- Revert to using a code patch for relro support
- Related: rhbz#927158

[3.14.3-1]
- Update to NSS_3_14_3_RTM
- Resolves: rhbz#927158 - Rebase to nss-softokn 3.14.3 to fix the 
lucky-13 issue
- Add export LD_LIBRARY_PATH=//usr/lib before the signing commands in 
__spec_install_post scriplet
to ensure signing tool links with in-tree freebl so verification uses 
same algorithm as in signing
- Add %check section to run the upstream crypto reqression test suite as 
per packaging guidelines
- Don't install sechash.h or secmodt.h which as per 3.14 are provided by 
nss-devel
- Update the licence to MPLv2.0

[3.12.9-12]
- Bootstrapping of the builroot in preparation for rebase to 3.14.3
- Remove hasht.h from the %files devel list to prevent update conflicts 
with nss-util
- With 3.14.3 hasht.h will be provided by nss-util-devel
- Related: rhbz#927158 - rebase nss-softokn to 3.14.3

nss-util
[3.14.3-3]
- Resolves: rhbz#984967 - nssutil_ReadSecmodDB leaks memory

[3.14.3-2]
- Revert to accepting MD5 on digital signatures by default
- Resolves: rhbz#957603 - nss 3.14 - MD5 hash algorithm disabled

[3.14.3-1]
- Update to NSS_3_14_3_RTM
- Resolves: rhbz#927171 - Rebase to 3.14.3 as part of the fix for the 
lucky-13 issue

Oracle6: ELSA-2013-1144: nss Moderate Security Update

The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network:

Summary

nspr [4.9.5-2] - Update to NSPR_4_9_5_RTM - Resolves: rhbz#927186 - Rebase to nspr-4.9.5 - Add upstream URL for an existing patch per packaging guidelines [4.9.5-1] - Resolves: Rebase to nspr-4.9.5 [4.9.2-1] - Update to nspr-4.9.2 - Related: rhbz#863286 nss [3.14.3-4.0.1.el6_4] - Added nss-vendor.patch to change vendor [3.14.3-4] - Revert to accepting MD5 on digital signatures by default - Resolves: rhbz#957603 - nss 3.14 - MD5 hash algorithm disabled [3.14.3-3] - Ensure pem uses system freebl as with this update freebl brings in new API's - Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue [3.14.3-2] - Install sechash.h and secmodt.h which are now provided by nss-devel - Resolves: rhbz#927157 - [RFE][RHEL6] Rebase to nss-3.14.3 to fix the lucky-13 issue - Remove unsafe -r option from commands that remove headers already shipped by nss-util and nss-softoken [3.14.3-1] - Update to NSS_3.14.3_RTM - Resolves: rhbz#927157 - [RFE][RHEL6] Reba...

Read the Full Advisory

SRPMs

https://oss.oracle.com:443/ol6/SRPMS-updates/nspr-4.9.5-2.el6_4.src.rpm https://oss.oracle.com:443/ol6/SRPMS-updates/nss-3.14.3-4.0.1.el6_4.src.rpm https://oss.oracle.com:443/ol6/SRPMS-updates/nss-softokn-3.14.3-3.el6_4.src.rpm https://oss.oracle.com:443/ol6/SRPMS-updates/nss-util-3.14.3-3.el6_4.src.rpm

x86_64

nspr-4.9.5-2.el6_4.i686.rpm nspr-4.9.5-2.el6_4.x86_64.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.x86_64.rpm nss-3.14.3-4.0.1.el6_4.i686.rpm nss-3.14.3-4.0.1.el6_4.x86_64.rpm nss-devel-3.14.3-4.0.1.el6_4.i686.rpm nss-devel-3.14.3-4.0.1.el6_4.x86_64.rpm nss-pkcs11-devel-3.14.3-4.0.1.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.0.1.el6_4.x86_64.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.x86_64.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.x86_64.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.x86_64.rpm nss-sysinit-3.14.3-4.0.1.el6_4.x86_64.rpm nss-tools-3.14.3-4.0.1.el6_4.x86_64.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.x86_64.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.x86_64.rpm

aarch64

i386

nspr-4.9.5-2.el6_4.i686.rpm nspr-devel-4.9.5-2.el6_4.i686.rpm nss-3.14.3-4.0.1.el6_4.i686.rpm nss-devel-3.14.3-4.0.1.el6_4.i686.rpm nss-pkcs11-devel-3.14.3-4.0.1.el6_4.i686.rpm nss-softokn-3.14.3-3.el6_4.i686.rpm nss-softokn-devel-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-3.14.3-3.el6_4.i686.rpm nss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm nss-sysinit-3.14.3-4.0.1.el6_4.i686.rpm nss-tools-3.14.3-4.0.1.el6_4.i686.rpm nss-util-3.14.3-3.el6_4.i686.rpm nss-util-devel-3.14.3-3.el6_4.i686.rpm

Severity

Related News