ID CVE-2014-1569
Summary The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00. <a href="http://cwe.mitre.org/data/definitions/444.html">CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')</a>
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 22-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1200921
    title Rebase nspr to 4.10.8 for Firefox 38 ESR [RHEL-5.11]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment nspr is earlier than 0:4.10.8-1.el5_11
            oval oval:com.redhat.rhba:tst:20150925001
          • comment nspr is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925002
        • AND
          • comment nspr-devel is earlier than 0:4.10.8-1.el5_11
            oval oval:com.redhat.rhba:tst:20150925003
          • comment nspr-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925004
        • AND
          • comment nss is earlier than 0:3.18.0-6.el5_11
            oval oval:com.redhat.rhba:tst:20150925005
          • comment nss is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925006
        • AND
          • comment nss-devel is earlier than 0:3.18.0-6.el5_11
            oval oval:com.redhat.rhba:tst:20150925007
          • comment nss-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925008
        • AND
          • comment nss-pkcs11-devel is earlier than 0:3.18.0-6.el5_11
            oval oval:com.redhat.rhba:tst:20150925009
          • comment nss-pkcs11-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925010
        • AND
          • comment nss-tools is earlier than 0:3.18.0-6.el5_11
            oval oval:com.redhat.rhba:tst:20150925011
          • comment nss-tools is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925012
    rhsa
    id RHBA-2015:0925
    released 2015-05-05
    severity Low
    title RHBA-2015:0925: nss and nspr bug fix and enhancement update (Low)
  • bugzilla
    id 1207052
    title Rebase nss to 3.18 for Firefox 38 ESR [RHEL-6.6]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment nspr is earlier than 0:4.10.8-1.el6_6
            oval oval:com.redhat.rhba:tst:20150926001
          • comment nspr is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364002
        • AND
          • comment nspr-devel is earlier than 0:4.10.8-1.el6_6
            oval oval:com.redhat.rhba:tst:20150926003
          • comment nspr-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364004
        • AND
          • comment nss-util is earlier than 0:3.18.0-1.el6_6
            oval oval:com.redhat.rhba:tst:20150926005
          • comment nss-util is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364016
        • AND
          • comment nss-util-devel is earlier than 0:3.18.0-1.el6_6
            oval oval:com.redhat.rhba:tst:20150926007
          • comment nss-util-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364018
        • AND
          • comment nss is earlier than 0:3.18.0-5.3.el6_6
            oval oval:com.redhat.rhba:tst:20150926009
          • comment nss is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364006
        • AND
          • comment nss-devel is earlier than 0:3.18.0-5.3.el6_6
            oval oval:com.redhat.rhba:tst:20150926011
          • comment nss-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364008
        • AND
          • comment nss-pkcs11-devel is earlier than 0:3.18.0-5.3.el6_6
            oval oval:com.redhat.rhba:tst:20150926013
          • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364010
        • AND
          • comment nss-sysinit is earlier than 0:3.18.0-5.3.el6_6
            oval oval:com.redhat.rhba:tst:20150926015
          • comment nss-sysinit is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364012
        • AND
          • comment nss-tools is earlier than 0:3.18.0-5.3.el6_6
            oval oval:com.redhat.rhba:tst:20150926017
          • comment nss-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364014
    rhsa
    id RHBA-2015:0926
    released 2015-05-05
    severity Low
    title RHBA-2015:0926: nss, nss-util, and nspr bug fix and enhancement update (Low)
  • bugzilla
    id 1211373
    title [RHEL7.1] nss-util 3.18 rebase required for firefox 38 ESR
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment nspr is earlier than 0:4.10.8-1.el7_1
            oval oval:com.redhat.rhba:tst:20150965001
          • comment nspr is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364002
        • AND
          • comment nspr-devel is earlier than 0:4.10.8-1.el7_1
            oval oval:com.redhat.rhba:tst:20150965003
          • comment nspr-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364004
        • AND
          • comment nss-util is earlier than 0:3.18.0-1.el7_1
            oval oval:com.redhat.rhba:tst:20150965005
          • comment nss-util is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364016
        • AND
          • comment nss-util-devel is earlier than 0:3.18.0-1.el7_1
            oval oval:com.redhat.rhba:tst:20150965007
          • comment nss-util-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364018
        • AND
          • comment nss is earlier than 0:3.18.0-2.2.el7_1
            oval oval:com.redhat.rhba:tst:20150965009
          • comment nss is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364006
        • AND
          • comment nss-devel is earlier than 0:3.18.0-2.2.el7_1
            oval oval:com.redhat.rhba:tst:20150965011
          • comment nss-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364008
        • AND
          • comment nss-pkcs11-devel is earlier than 0:3.18.0-2.2.el7_1
            oval oval:com.redhat.rhba:tst:20150965013
          • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364010
        • AND
          • comment nss-sysinit is earlier than 0:3.18.0-2.2.el7_1
            oval oval:com.redhat.rhba:tst:20150965015
          • comment nss-sysinit is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364012
        • AND
          • comment nss-tools is earlier than 0:3.18.0-2.2.el7_1
            oval oval:com.redhat.rhba:tst:20150965017
          • comment nss-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364014
    rhsa
    id RHBA-2015:0965
    released 2015-05-12
    severity Low
    title RHBA-2015:0965: nss, nss-util, and nspr bug fix and enhancement update (Low)
rpms
  • nspr-0:4.10.8-1.el5_11
  • nspr-debuginfo-0:4.10.8-1.el5_11
  • nspr-devel-0:4.10.8-1.el5_11
  • nss-0:3.18.0-6.el5_11
  • nss-debuginfo-0:3.18.0-6.el5_11
  • nss-devel-0:3.18.0-6.el5_11
  • nss-pkcs11-devel-0:3.18.0-6.el5_11
  • nss-tools-0:3.18.0-6.el5_11
  • nspr-0:4.10.8-1.el6_6
  • nspr-debuginfo-0:4.10.8-1.el6_6
  • nspr-devel-0:4.10.8-1.el6_6
  • nss-0:3.18.0-5.3.el6_6
  • nss-debuginfo-0:3.18.0-5.3.el6_6
  • nss-devel-0:3.18.0-5.3.el6_6
  • nss-pkcs11-devel-0:3.18.0-5.3.el6_6
  • nss-sysinit-0:3.18.0-5.3.el6_6
  • nss-tools-0:3.18.0-5.3.el6_6
  • nss-util-0:3.18.0-1.el6_6
  • nss-util-debuginfo-0:3.18.0-1.el6_6
  • nss-util-devel-0:3.18.0-1.el6_6
  • nspr-0:4.10.8-1.ael7b_1
  • nspr-0:4.10.8-1.el7_1
  • nspr-debuginfo-0:4.10.8-1.ael7b_1
  • nspr-debuginfo-0:4.10.8-1.el7_1
  • nspr-devel-0:4.10.8-1.ael7b_1
  • nspr-devel-0:4.10.8-1.el7_1
  • nss-0:3.18.0-2.2.ael7b_1
  • nss-0:3.18.0-2.2.el7_1
  • nss-debuginfo-0:3.18.0-2.2.ael7b_1
  • nss-debuginfo-0:3.18.0-2.2.el7_1
  • nss-devel-0:3.18.0-2.2.ael7b_1
  • nss-devel-0:3.18.0-2.2.el7_1
  • nss-pkcs11-devel-0:3.18.0-2.2.ael7b_1
  • nss-pkcs11-devel-0:3.18.0-2.2.el7_1
  • nss-sysinit-0:3.18.0-2.2.ael7b_1
  • nss-sysinit-0:3.18.0-2.2.el7_1
  • nss-tools-0:3.18.0-2.2.ael7b_1
  • nss-tools-0:3.18.0-2.2.el7_1
  • nss-util-0:3.18.0-1.ael7b_1
  • nss-util-0:3.18.0-1.el7_1
  • nss-util-debuginfo-0:3.18.0-1.ael7b_1
  • nss-util-debuginfo-0:3.18.0-1.el7_1
  • nss-util-devel-0:3.18.0-1.ael7b_1
  • nss-util-devel-0:3.18.0-1.el7_1
refmap via4
confirm
debian DSA-3186
misc
sectrack 1032909
suse
  • SUSE-SU-2015:0171
  • SUSE-SU-2015:0173
  • SUSE-SU-2015:0180
  • openSUSE-SU-2015:0138
  • openSUSE-SU-2015:0404
Last major update 22-09-2017 - 01:29
Published 15-12-2014 - 18:59
Last modified 22-09-2017 - 01:29
Back to Top