ID CVE-2014-1569
Summary The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00. <a href="http://cwe.mitre.org/data/definitions/444.html">CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')</a>
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 22-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1200921
    title Rebase nspr to 4.10.8 for Firefox 38 ESR [RHEL-5.11]
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment nspr is earlier than 0:4.10.8-1.el5_11
          oval oval:com.redhat.rhba:tst:20150925002
        • comment nspr is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20150925003
      • AND
        • comment nspr-devel is earlier than 0:4.10.8-1.el5_11
          oval oval:com.redhat.rhba:tst:20150925004
        • comment nspr-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20150925005
      • AND
        • comment nss is earlier than 0:3.18.0-6.el5_11
          oval oval:com.redhat.rhba:tst:20150925012
        • comment nss is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20150925013
      • AND
        • comment nss-devel is earlier than 0:3.18.0-6.el5_11
          oval oval:com.redhat.rhba:tst:20150925008
        • comment nss-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20150925009
      • AND
        • comment nss-pkcs11-devel is earlier than 0:3.18.0-6.el5_11
          oval oval:com.redhat.rhba:tst:20150925006
        • comment nss-pkcs11-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20150925007
      • AND
        • comment nss-tools is earlier than 0:3.18.0-6.el5_11
          oval oval:com.redhat.rhba:tst:20150925010
        • comment nss-tools is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhba:tst:20150925011
    rhsa
    released 2015-05-05
    severity None
    title RHBA-2015:0925: nss and nspr bug fix and enhancement update (None)
  • bugzilla
    id 1207052
    title Rebase nss to 3.18 for Firefox 38 ESR [RHEL-6.6]
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment nspr is earlier than 0:4.10.8-1.el6_6
          oval oval:com.redhat.rhba:tst:20150926005
        • comment nspr is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364006
      • AND
        • comment nspr-devel is earlier than 0:4.10.8-1.el6_6
          oval oval:com.redhat.rhba:tst:20150926007
        • comment nspr-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364008
      • AND
        • comment nss-util is earlier than 0:3.18.0-1.el6_6
          oval oval:com.redhat.rhba:tst:20150926009
        • comment nss-util is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364020
      • AND
        • comment nss-util-devel is earlier than 0:3.18.0-1.el6_6
          oval oval:com.redhat.rhba:tst:20150926011
        • comment nss-util-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364022
      • AND
        • comment nss is earlier than 0:3.18.0-5.3.el6_6
          oval oval:com.redhat.rhba:tst:20150926021
        • comment nss is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364010
      • AND
        • comment nss-devel is earlier than 0:3.18.0-5.3.el6_6
          oval oval:com.redhat.rhba:tst:20150926013
        • comment nss-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364016
      • AND
        • comment nss-pkcs11-devel is earlier than 0:3.18.0-5.3.el6_6
          oval oval:com.redhat.rhba:tst:20150926019
        • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364018
      • AND
        • comment nss-sysinit is earlier than 0:3.18.0-5.3.el6_6
          oval oval:com.redhat.rhba:tst:20150926017
        • comment nss-sysinit is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364014
      • AND
        • comment nss-tools is earlier than 0:3.18.0-5.3.el6_6
          oval oval:com.redhat.rhba:tst:20150926015
        • comment nss-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364012
    rhsa
    released 2015-05-05
    severity None
    title RHBA-2015:0926: nss, nss-util, and nspr bug fix and enhancement update (None)
  • bugzilla
    id 1211373
    title [RHEL7.1] nss-util 3.18 rebase required for firefox 38 ESR
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment nspr is earlier than 0:4.10.8-1.el7_1
          oval oval:com.redhat.rhba:tst:20150965005
        • comment nspr is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364006
      • AND
        • comment nspr-devel is earlier than 0:4.10.8-1.el7_1
          oval oval:com.redhat.rhba:tst:20150965007
        • comment nspr-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364008
      • AND
        • comment nss-util is earlier than 0:3.18.0-1.el7_1
          oval oval:com.redhat.rhba:tst:20150965009
        • comment nss-util is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364020
      • AND
        • comment nss-util-devel is earlier than 0:3.18.0-1.el7_1
          oval oval:com.redhat.rhba:tst:20150965011
        • comment nss-util-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364022
      • AND
        • comment nss is earlier than 0:3.18.0-2.2.el7_1
          oval oval:com.redhat.rhba:tst:20150965015
        • comment nss is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364010
      • AND
        • comment nss-devel is earlier than 0:3.18.0-2.2.el7_1
          oval oval:com.redhat.rhba:tst:20150965017
        • comment nss-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364016
      • AND
        • comment nss-pkcs11-devel is earlier than 0:3.18.0-2.2.el7_1
          oval oval:com.redhat.rhba:tst:20150965013
        • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364018
      • AND
        • comment nss-sysinit is earlier than 0:3.18.0-2.2.el7_1
          oval oval:com.redhat.rhba:tst:20150965021
        • comment nss-sysinit is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364014
      • AND
        • comment nss-tools is earlier than 0:3.18.0-2.2.el7_1
          oval oval:com.redhat.rhba:tst:20150965019
        • comment nss-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150364012
    rhsa
    released 2015-05-12
    severity None
    title RHBA-2015:0965: nss, nss-util, and nspr bug fix and enhancement update (None)
rpms
  • nspr-0:4.10.8-1.el5_11
  • nspr-devel-0:4.10.8-1.el5_11
  • nss-0:3.18.0-6.el5_11
  • nss-devel-0:3.18.0-6.el5_11
  • nss-pkcs11-devel-0:3.18.0-6.el5_11
  • nss-tools-0:3.18.0-6.el5_11
  • nspr-0:4.10.8-1.el6_6
  • nspr-devel-0:4.10.8-1.el6_6
  • nss-util-0:3.18.0-1.el6_6
  • nss-util-devel-0:3.18.0-1.el6_6
  • nss-0:3.18.0-5.3.el6_6
  • nss-devel-0:3.18.0-5.3.el6_6
  • nss-pkcs11-devel-0:3.18.0-5.3.el6_6
  • nss-sysinit-0:3.18.0-5.3.el6_6
  • nss-tools-0:3.18.0-5.3.el6_6
  • nspr-0:4.10.8-1.el7_1
  • nspr-devel-0:4.10.8-1.el7_1
  • nss-util-0:3.18.0-1.el7_1
  • nss-util-devel-0:3.18.0-1.el7_1
  • nss-0:3.18.0-2.2.el7_1
  • nss-devel-0:3.18.0-2.2.el7_1
  • nss-pkcs11-devel-0:3.18.0-2.2.el7_1
  • nss-sysinit-0:3.18.0-2.2.el7_1
  • nss-tools-0:3.18.0-2.2.el7_1
refmap via4
confirm
debian DSA-3186
misc
sectrack 1032909
suse
  • SUSE-SU-2015:0171
  • SUSE-SU-2015:0173
  • SUSE-SU-2015:0180
  • openSUSE-SU-2015:0138
  • openSUSE-SU-2015:0404
Last major update 22-09-2017 - 01:29
Published 15-12-2014 - 18:59
Back to Top