[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1Vj8bR-0004JU-1f@titan.mandriva.com>
Date: Wed, 20 Nov 2013 15:18:00 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2013:270 ] nss
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2013:270
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : nss
Date : November 20, 2013
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Multiple security issues was identified and fixed in mozilla NSPR
and NSS:
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure
that data structures are initialized before read operations, which
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors that trigger a decryption failure
(CVE-2013-1739).
Integer overflow in Mozilla Network Security Services (NSS) 3.15 before
3.15.3 allows remote attackers to cause a denial of service or possibly
have unspecified other impact via a large size value (CVE-2013-1741).
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has
many single-byte biases, which makes it easier for remote attackers
to conduct plaintext-recovery attacks via statistical analysis of
ciphertext in a large number of sessions that use the same plaintext
(CVE-2013-2566).
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15
before 3.15.3 allows remote attackers to cause a denial of service or
possibly have unspecified other impact via invalid handshake packets
(CVE-2013-5605).
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla
Network Security Services (NSS) 3.15 before 3.15.3 provides an
unexpected return value for an incompatible key-usage certificate
when the CERTVerifyLog argument is valid, which might allow remote
attackers to bypass intended access restrictions via a crafted
certificate (CVE-2013-5606).
Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape
Portable Runtime (NSPR) before 4.10.2, as used in Firefox before
25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and
SeaMonkey before 2.22.1, allows remote attackers to cause a denial of
service (application crash) or possibly have unspecified other impact
via a crafted X.509 certificate, a related issue to CVE-2013-1741
(CVE-2013-5607).
The NSPR packages has been upgraded to the 4.10.2 version and the NSS
packages has been upgraded to the 3.15.3 version which is unaffected
by these security flaws.
Additionally the rootcerts packages has been upgraded with the latest
certdata.txt file as of 2013/11/11 from mozilla.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5607
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3_release_notes
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
https://bugs.mageia.org/show_bug.cgi?id=11669
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64:
af301c60ddcc18b8ac42c0b4435cbad3 mbs1/x86_64/lib64nspr4-4.10.2-1.mbs1.x86_64.rpm
a496a08623a9f89d2399d80e4fe868a7 mbs1/x86_64/lib64nspr-devel-4.10.2-1.mbs1.x86_64.rpm
ae3456fb3d674f99aef454a60dbe282a mbs1/x86_64/lib64nss3-3.15.3-1.mbs1.x86_64.rpm
9188809d70b632b2482acee08a4ddc0b mbs1/x86_64/lib64nss-devel-3.15.3-1.mbs1.x86_64.rpm
532704e8d72973d2dd61fe2698f893e4 mbs1/x86_64/lib64nss-static-devel-3.15.3-1.mbs1.x86_64.rpm
8f4ae3f02feb8d9f9c9efc8c257035e8 mbs1/x86_64/nss-3.15.3-1.mbs1.x86_64.rpm
8ae40ad195e46d8a2b30621dfcef3ace mbs1/x86_64/nss-doc-3.15.3-1.mbs1.noarch.rpm
59917a5345c7938ee1ac234a64a4cbfb mbs1/x86_64/rootcerts-20131111.00-1.mbs1.x86_64.rpm
e118b1fef3401a9aad6502d31ac38bcc mbs1/x86_64/rootcerts-java-20131111.00-1.mbs1.x86_64.rpm
1cd846051eae1d454f8886ae6472da92 mbs1/SRPMS/nspr-4.10.2-1.mbs1.src.rpm
f2b93d77bf10bb16f24803677c2a5432 mbs1/SRPMS/nss-3.15.3-1.mbs1.src.rpm
72294310b8fb899d0e04fe1762e77f75 mbs1/SRPMS/rootcerts-20131111.00-1.mbs1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFSjJyxmqjQ0CJFipgRAvI3AJoDX5AXeQAKdSGxDE4mtdmcrtY3JACcDJzS
4rxtjYRyYkAzUzpzhQfi2B4=
=dXuI
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists