CVE-2015-2730 - Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firef

CVE-2015-2730

Summary

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.6.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.7.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.7.0:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*
cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 22-10-2024 - 13:54)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

redhat via4

advisories

bugzilla

id	1236967
title	CVE-2015-2721 NSS: incorrectly permited skipping of ServerKeyExchange (MFSA 2015-71)

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment nss is earlier than 0:3.19.1-1.el5_11
oval oval:com.redhat.rhsa:tst:20151664001
comment nss is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925006
AND
comment nss-devel is earlier than 0:3.19.1-1.el5_11
oval oval:com.redhat.rhsa:tst:20151664003
comment nss-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925008

AND

comment nss-pkcs11-devel is earlier than 0:3.19.1-1.el5_11
oval oval:com.redhat.rhsa:tst:20151664005
comment nss-pkcs11-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925010

AND
comment nss-tools is earlier than 0:3.19.1-1.el5_11
oval oval:com.redhat.rhsa:tst:20151664007
comment nss-tools is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925012

rhsa

id	RHSA-2015:1664
released	2015-08-24
severity	Moderate
title	RHSA-2015:1664: nss security, bug fix, and enhancement update (Moderate)

bugzilla

id	1236954
title	CVE-2015-2730 NSS: ECDSA signature validation fails to handle some signatures correctly (MFSA 2015-64)

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment nss-softokn is earlier than 0:3.14.3-23.el6_7
oval oval:com.redhat.rhsa:tst:20151699001
comment nss-softokn is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364020

AND

comment nss-softokn-devel is earlier than 0:3.14.3-23.el6_7
oval oval:com.redhat.rhsa:tst:20151699003
comment nss-softokn-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364022

AND

comment nss-softokn-freebl is earlier than 0:3.14.3-23.el6_7
oval oval:com.redhat.rhsa:tst:20151699005
comment nss-softokn-freebl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364024

AND

comment nss-softokn-freebl-devel is earlier than 0:3.14.3-23.el6_7
oval oval:com.redhat.rhsa:tst:20151699007
comment nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND

comment nss-softokn is earlier than 0:3.16.2.3-13.el7_1
oval oval:com.redhat.rhsa:tst:20151699010
comment nss-softokn is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364020

AND

comment nss-softokn-devel is earlier than 0:3.16.2.3-13.el7_1
oval oval:com.redhat.rhsa:tst:20151699011
comment nss-softokn-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364022

AND

comment nss-softokn-freebl is earlier than 0:3.16.2.3-13.el7_1
oval oval:com.redhat.rhsa:tst:20151699012
comment nss-softokn-freebl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364024

AND

comment nss-softokn-freebl-devel is earlier than 0:3.16.2.3-13.el7_1
oval oval:com.redhat.rhsa:tst:20151699013
comment nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364026

rhsa

id	RHSA-2015:1699
released	2015-09-01
severity	Moderate
title	RHSA-2015:1699: nss-softokn security update (Moderate)

rpms

nss-0:3.19.1-1.el5_11
nss-debuginfo-0:3.19.1-1.el5_11
nss-devel-0:3.19.1-1.el5_11
nss-pkcs11-devel-0:3.19.1-1.el5_11
nss-tools-0:3.19.1-1.el5_11
nss-softokn-0:3.14.3-23.el6_7
nss-softokn-0:3.16.2.3-13.ael7b_1
nss-softokn-0:3.16.2.3-13.el7_1
nss-softokn-debuginfo-0:3.14.3-23.el6_7
nss-softokn-debuginfo-0:3.16.2.3-13.ael7b_1
nss-softokn-debuginfo-0:3.16.2.3-13.el7_1
nss-softokn-devel-0:3.14.3-23.el6_7
nss-softokn-devel-0:3.16.2.3-13.ael7b_1
nss-softokn-devel-0:3.16.2.3-13.el7_1
nss-softokn-freebl-0:3.14.3-23.el6_7
nss-softokn-freebl-0:3.16.2.3-13.ael7b_1
nss-softokn-freebl-0:3.16.2.3-13.el7_1
nss-softokn-freebl-devel-0:3.14.3-23.el6_7
nss-softokn-freebl-devel-0:3.16.2.3-13.ael7b_1
nss-softokn-freebl-devel-0:3.16.2.3-13.el7_1

refmap via4

bid	75541 83399
confirm	http://www.mozilla.org/security/announce/2015/mfsa2015-64.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html https://bugzilla.mozilla.org/show_bug.cgi?id=1125025 https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
debian	DSA-3336
gentoo	GLSA-201512-10
sectrack	1032783
suse	SUSE-SU-2015:1268 SUSE-SU-2015:1269 SUSE-SU-2015:1449 openSUSE-SU-2015:1229 openSUSE-SU-2015:1266
ubuntu	USN-2656-1 USN-2656-2 USN-2672-1

Last major update

22-10-2024 - 13:54

Published

06-07-2015 - 02:01

Last modified

22-10-2024 - 13:54