| Description: | Summary:
The remote host is missing an update for the 'nspr, nss' package(s) announced via the ELSA-2013-1791 advisory.
Vulnerability Insight:
nspr
[4.10.2-2]
- Fix changelog comments
- Resolves: rhbz#1032466 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws [rhel-5.10]
[4.10.2-1]
- Update to nspr-4.10.2
- Remove an unused patch
- Resolves: rhbz#1032466 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws [rhel-5.10]
[4.10.0-2]
- Retagging to fix an inconsistency in the release tags
- Resolves: rhbz#1002641 - Rebase RHEL 5 to NSPR 4.10 (for FF 24.x)
[4.9.5-1]
- Rebase to nspr-4.10.0
- Resolves: rhbz#1002641 - Rebase RHEL 5 to NSPR 4.10 (for FF 24.x)
nss
[3.15.3-3]
- remove unnecessary and problematic template-removal patch
which was added as part of the 3.15.1 rebase
- bump release number
[3.15.3-1]
- Update to nss-3.15.3
- Remove unused patch
- Resolves: rhbz#1032466 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws [rhel-5.10]
[3.15.1-2]
- Remove unused patches
- Resolves: rhbz#1033478 - Rebase RHEL 5 to NSS 3.15.1 (for FF 24.x)
[3.15.1-1]
- Rebase to nss-3.15.1
- Resolves: rhbz#1033478 - Rebase RHEL 5 to NSS 3.15.1 (for FF 24.x)
- Resolves: rhbz#1033499 - [Regression] NSS no longer trusts MD5 certificates
- Split %check section tests in two: freebl/softoken and rest of nss tests
- Adjust various patches and spec file steps on account of the rebase
- Add various patches and remove obsoleted ones on account of the rebase
- Renumber patches so freeb/softoken ones match the corresponding ones in rhel-6 nss-softokn
Affected Software/OS:
'nspr, nss' package(s) on Oracle Linux 5.
Solution:
Please install the updated package(s).
CVSS Score:
7.5
CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
