ID CVE-2017-7502
Summary Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:network_security_services:3.24.0
    cpe:2.3:a:mozilla:network_security_services:3.24.0
  • cpe:2.3:a:mozilla:network_security_services:3.25.0
    cpe:2.3:a:mozilla:network_security_services:3.25.0
  • cpe:2.3:a:mozilla:network_security_services:3.25.1
    cpe:2.3:a:mozilla:network_security_services:3.25.1
  • cpe:2.3:a:mozilla:network_security_services:3.26.0
    cpe:2.3:a:mozilla:network_security_services:3.26.0
  • cpe:2.3:a:mozilla:network_security_services:3.26.2
    cpe:2.3:a:mozilla:network_security_services:3.26.2
  • cpe:2.3:a:mozilla:network_security_services:3.27.0
    cpe:2.3:a:mozilla:network_security_services:3.27.0
  • cpe:2.3:a:mozilla:network_security_services:3.27.1
    cpe:2.3:a:mozilla:network_security_services:3.27.1
  • cpe:2.3:a:mozilla:network_security_services:3.27.2
    cpe:2.3:a:mozilla:network_security_services:3.27.2
  • cpe:2.3:a:mozilla:network_security_services:3.28.0
    cpe:2.3:a:mozilla:network_security_services:3.28.0
  • cpe:2.3:a:mozilla:network_security_services:3.28.1
    cpe:2.3:a:mozilla:network_security_services:3.28.1
  • cpe:2.3:a:mozilla:network_security_services:3.28.2
    cpe:2.3:a:mozilla:network_security_services:3.28.2
  • Mozilla Network Security Services (NSS) 3.28.3
    cpe:2.3:a:mozilla:network_security_services:3.28.3
  • cpe:2.3:a:mozilla:network_security_services:3.29.0
    cpe:2.3:a:mozilla:network_security_services:3.29.0
  • cpe:2.3:a:mozilla:network_security_services:3.29.1
    cpe:2.3:a:mozilla:network_security_services:3.29.1
  • cpe:2.3:a:mozilla:network_security_services:3.29.2
    cpe:2.3:a:mozilla:network_security_services:3.29.2
  • Mozilla Network Security Services (NSS) 3.29.3
    cpe:2.3:a:mozilla:network_security_services:3.29.3
  • cpe:2.3:a:mozilla:network_security_services:3.30.0
    cpe:2.3:a:mozilla:network_security_services:3.30.0
  • cpe:2.3:a:mozilla:network_security_services:3.30.1
    cpe:2.3:a:mozilla:network_security_services:3.30.1
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3336-1.NASL
    description It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-01-31
    modified 2018-01-30
    plugin id 100988
    published 2017-06-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100988
    title Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : nss vulnerability (USN-3336-1)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-1365.NASL
    description An update for nss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)
    last seen 2018-01-26
    modified 2018-01-25
    plugin id 100556
    published 2017-06-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100556
    title CentOS 7 : nss (CESA-2017:1365)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-1365.NASL
    description From Red Hat Security Advisory 2017:1365 : An update for nss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)
    last seen 2018-02-02
    modified 2018-02-01
    plugin id 100526
    published 2017-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100526
    title Oracle Linux 7 : nss (ELSA-2017-1365)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1365.NASL
    description An update for nss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421)
    last seen 2018-01-26
    modified 2018-01-25
    plugin id 100532
    published 2017-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100532
    title RHEL 7 : nss (RHSA-2017:1365)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-971.NASL
    description CVE-2017-7502 A NULL pointer dereference vulnerability in NSS was found when server receives empty SSLv2 messages. This issue was introduced with the recent removal of SSLv2 protocol from upstream code in 3.24.0 and introduction of dedicated parser able to handle just sslv2-style hello messages. For Debian 7 'Wheezy', this problem has been fixed in version 2:3.26-1+debu7u4. We recommend that you upgrade your nss packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 100559
    published 2017-06-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100559
    title Debian DLA-971-1 : nss security update
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170530_NSS_ON_SL6_X.NASL
    description Security Fix(es) : - A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : - The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, consider installing the updated CA list on June 12, 2017.
    last seen 2018-01-27
    modified 2018-01-26
    plugin id 100535
    published 2017-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100535
    title Scientific Linux Security Update : nss on SL6.x i386/x86_64
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2017-848.NASL
    description NULL pointer dereference when handling empty SSLv2 messages : A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502)
    last seen 2018-04-19
    modified 2018-04-18
    plugin id 101001
    published 2017-06-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101001
    title Amazon Linux AMI : nss (ALAS-2017-848)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3872.NASL
    description Several vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service or information disclosure.
    last seen 2018-01-30
    modified 2018-01-29
    plugin id 100580
    published 2017-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100580
    title Debian DSA-3872-1 : nss - security update
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-1364.NASL
    description From Red Hat Security Advisory 2017:1364 : An update for nss is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1448488)
    last seen 2018-02-02
    modified 2018-02-01
    plugin id 100525
    published 2017-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100525
    title Oracle Linux 6 : nss (ELSA-2017-1364)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1364.NASL
    description An update for nss is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1448488)
    last seen 2018-01-26
    modified 2018-01-25
    plugin id 100531
    published 2017-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100531
    title RHEL 6 : nss (RHSA-2017:1364)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170530_NSS_ON_SL7_X.NASL
    description Security Fix(es) : - A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : - The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, consider installing the updated CA list on June 12, 2017.
    last seen 2018-01-27
    modified 2018-01-26
    plugin id 100536
    published 2017-05-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100536
    title Scientific Linux Security Update : nss on SL7.x x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-1364.NASL
    description An update for nss is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1448488)
    last seen 2018-01-26
    modified 2018-01-25
    plugin id 100555
    published 2017-06-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100555
    title CentOS 6 : nss (CESA-2017:1364)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-1365.NASL
    description An update for nss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1451421) Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-06-14
    modified 2018-06-13
    plugin id 101476
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101476
    title Virtuozzo 7 : nss / nss-devel / nss-pkcs11-devel / nss-sysinit / etc (VZLSA-2017-1365)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-1364.NASL
    description An update for nss is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es) : * A NULL pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es) : * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, Red Hat recommends installing the updated CA list on June 12, 2017. (BZ#1448488) Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-06-14
    modified 2018-06-13
    plugin id 101475
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101475
    title Virtuozzo 6 : nss / nss-devel / nss-pkcs11-devel / nss-sysinit / etc (VZLSA-2017-1364)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1108.NASL
    description According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-06-14
    modified 2018-06-13
    plugin id 100701
    published 2017-06-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100701
    title EulerOS 2.0 SP1 : nss (EulerOS-SA-2017-1108)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1109.NASL
    description According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-06-14
    modified 2018-06-13
    plugin id 100702
    published 2017-06-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100702
    title EulerOS 2.0 SP2 : nss (EulerOS-SA-2017-1109)
redhat via4
advisories
  • bugzilla
    id 1446631
    title CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment nss is earlier than 0:3.28.4-3.el6_9
          oval oval:com.redhat.rhsa:tst:20171364005
        • comment nss is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862006
      • AND
        • comment nss-devel is earlier than 0:3.28.4-3.el6_9
          oval oval:com.redhat.rhsa:tst:20171364009
        • comment nss-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862014
      • AND
        • comment nss-pkcs11-devel is earlier than 0:3.28.4-3.el6_9
          oval oval:com.redhat.rhsa:tst:20171364013
        • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862010
      • AND
        • comment nss-sysinit is earlier than 0:3.28.4-3.el6_9
          oval oval:com.redhat.rhsa:tst:20171364011
        • comment nss-sysinit is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862008
      • AND
        • comment nss-tools is earlier than 0:3.28.4-3.el6_9
          oval oval:com.redhat.rhsa:tst:20171364007
        • comment nss-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862012
    rhsa
    id RHSA-2017:1364
    released 2017-05-30
    severity Important
    title RHSA-2017:1364: nss security and bug fix update (Important)
  • bugzilla
    id 1446631
    title CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment nss is earlier than 0:3.28.4-1.2.el7_3
          oval oval:com.redhat.rhsa:tst:20171365007
        • comment nss is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862006
      • AND
        • comment nss-devel is earlier than 0:3.28.4-1.2.el7_3
          oval oval:com.redhat.rhsa:tst:20171365009
        • comment nss-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862014
      • AND
        • comment nss-pkcs11-devel is earlier than 0:3.28.4-1.2.el7_3
          oval oval:com.redhat.rhsa:tst:20171365011
        • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862010
      • AND
        • comment nss-sysinit is earlier than 0:3.28.4-1.2.el7_3
          oval oval:com.redhat.rhsa:tst:20171365005
        • comment nss-sysinit is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862008
      • AND
        • comment nss-tools is earlier than 0:3.28.4-1.2.el7_3
          oval oval:com.redhat.rhsa:tst:20171365013
        • comment nss-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100862012
    rhsa
    id RHSA-2017:1365
    released 2017-05-30
    severity Important
    title RHSA-2017:1365: nss security and bug fix update (Important)
  • rhsa
    id RHSA-2017:1567
  • rhsa
    id RHSA-2017:1712
rpms
  • nss-0:3.28.4-3.el6_9
  • nss-devel-0:3.28.4-3.el6_9
  • nss-pkcs11-devel-0:3.28.4-3.el6_9
  • nss-sysinit-0:3.28.4-3.el6_9
  • nss-tools-0:3.28.4-3.el6_9
  • nss-0:3.28.4-1.2.el7_3
  • nss-devel-0:3.28.4-1.2.el7_3
  • nss-pkcs11-devel-0:3.28.4-1.2.el7_3
  • nss-sysinit-0:3.28.4-1.2.el7_3
  • nss-tools-0:3.28.4-1.2.el7_3
refmap via4
bid 98744
confirm
debian DSA-3872
sectrack 1038579
Last major update 30-05-2017 - 14:29
Published 30-05-2017 - 14:29
Last modified 04-01-2018 - 21:31
Back to Top