- Issued:
- 2012-02-20
- Updated:
- 2012-02-20
RHBA-2012:0291 - Bug Fix Advisory
Synopsis
nss and nspr bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated nss and nspr packages that fix three bugs and add one enhancement are
now available for Red Hat Enterprise Linux 5.
Description
The Network Security Services (NSS) libraries support the cross-platform
development of security-enabled clients and server applications, the Netscape
Portable Runtime (NSPR) provides platform independence for non-GUI operating
system facilities.
This update fixes the following bugs:
- Prior to this update, the selinux policy for mod_nss did not allow for correct
handling of access vector caches (AVC). As a consequence, AVC could fail when
running NSS. This update modifies the selinux policy so that AVC is handled as
expected. (BZ#348761)
- Prior to this update, the crmf library used a maximum length of 2048 bits for
wrapped private keys. As a consequence, private keys exceeding the maximum
lengths failed. With this update, the maximum key length is now identical with
the the maximum modulus length. (BZ#704595)
- Prior to this update, certain file descriptors were not closed. As a
consequence, a file descriptor leak resulted upon continued reloading of the
httpd service. This update modifies the underlying code and the descriptors are
now correctly closed. (BZ#713373)
All NSS and NSPR users are advised to upgrade to these updated packages, which
fix these bugs and add this enhancement.
Solution
Before applying this update, make sure all previously-released errata relevant
to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 348761 - AVC failure in CVE-2007-4465 due to mod_nss (bad selinux policy)
- BZ - 704595 - lib crmf uses a hard-coded maximum size of 2048 for wrapped private keys
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 5
| SRPM | |
|---|---|
| nspr-4.8.8-2.el5.src.rpm | SHA-256: fe61bc897c00231c5f5faac690171eec9e22a53b2d8177dc0dbc9886d7d3736d |
| nss-3.12.10-8.el5.src.rpm | SHA-256: 8d16e9fd8a5ee48b6f46c23a6d6c4ce24f2a68e51400e03c40f132f331603b86 |
| x86_64 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-4.8.8-2.el5.x86_64.rpm | SHA-256: 599a91463e6fc8b02470473d5b0a4c3bb3ad8bd5b7344a6d5b17dd29bbb2d6b1 |
| nspr-devel-4.8.8-2.el5.i386.rpm | SHA-256: 3009eec267ac3c7e15ba58be4e0bcc6d146b3e7e3ad69ce6b34d78474d5a1e1d |
| nspr-devel-4.8.8-2.el5.x86_64.rpm | SHA-256: f81b9d4df7c1a672e3c25c1b3c59faf7711f25f7c133983489c354c2e8a9fc90 |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-3.12.10-8.el5.x86_64.rpm | SHA-256: 02bd32afdb724dfcf591841bc76ef334a723f75fd2af09b79f469546d8c5f669 |
| nss-devel-3.12.10-8.el5.i386.rpm | SHA-256: f2a7e57eefd2623899d8f6db91014e85787520acabce8fcde41b7f8a1ba5254d |
| nss-devel-3.12.10-8.el5.x86_64.rpm | SHA-256: 749fe0dd31bfbdd4f9e8062d8995dc4998ec1f83b3b80595b1e23c33fa326aa2 |
| nss-pkcs11-devel-3.12.10-8.el5.i386.rpm | SHA-256: aca063ea88f2bf625915f305d86ad5290d6b113d992ff5d552402fe25855a509 |
| nss-pkcs11-devel-3.12.10-8.el5.x86_64.rpm | SHA-256: 30f7646ceae2cd087e0b9dd1e8fdfc5676c97e1b240bb8944e613a09766bc867 |
| nss-tools-3.12.10-8.el5.x86_64.rpm | SHA-256: b94963bb0e1cccd36835d94a10c1d1729ff94d22e113343fd6255945ad5c4fe6 |
| ia64 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-4.8.8-2.el5.ia64.rpm | SHA-256: e5e688fbee45bfd64dd6b259753b812cb9ed9d3afcdbb28be7a6bffca0f860fe |
| nspr-devel-4.8.8-2.el5.ia64.rpm | SHA-256: 50371de1115e662cec07287d9188b70813bd4ac14076188cf99c0464157f7f62 |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-3.12.10-8.el5.ia64.rpm | SHA-256: 61eed2e4bd33a29acacb9f1669f2e30ebeb9c55730d930fbff0904bc399cddcb |
| nss-devel-3.12.10-8.el5.ia64.rpm | SHA-256: 90bbf84f1529ce1888d8db81185d00b68fef8e5c51980df9b2ed7a68156768aa |
| nss-pkcs11-devel-3.12.10-8.el5.ia64.rpm | SHA-256: 80d07d1e7534fdb052305ed21bc1fc5a51b2642b10f74cf4f78bda09e43f297b |
| nss-tools-3.12.10-8.el5.ia64.rpm | SHA-256: 7f5829032585e01f860d7bd8ad8377a81522824c43b96d42124d8cc48b52ee04 |
| i386 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-devel-4.8.8-2.el5.i386.rpm | SHA-256: 3009eec267ac3c7e15ba58be4e0bcc6d146b3e7e3ad69ce6b34d78474d5a1e1d |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-devel-3.12.10-8.el5.i386.rpm | SHA-256: f2a7e57eefd2623899d8f6db91014e85787520acabce8fcde41b7f8a1ba5254d |
| nss-pkcs11-devel-3.12.10-8.el5.i386.rpm | SHA-256: aca063ea88f2bf625915f305d86ad5290d6b113d992ff5d552402fe25855a509 |
| nss-tools-3.12.10-8.el5.i386.rpm | SHA-256: 35cc2415db8f58a0595717ce6a7b8a410e5930a6503c10b32f066235b3f2c5c8 |
Red Hat Enterprise Linux Workstation 5
| SRPM | |
|---|---|
| nspr-4.8.8-2.el5.src.rpm | SHA-256: fe61bc897c00231c5f5faac690171eec9e22a53b2d8177dc0dbc9886d7d3736d |
| nss-3.12.10-8.el5.src.rpm | SHA-256: 8d16e9fd8a5ee48b6f46c23a6d6c4ce24f2a68e51400e03c40f132f331603b86 |
| x86_64 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-4.8.8-2.el5.x86_64.rpm | SHA-256: 599a91463e6fc8b02470473d5b0a4c3bb3ad8bd5b7344a6d5b17dd29bbb2d6b1 |
| nspr-devel-4.8.8-2.el5.i386.rpm | SHA-256: 3009eec267ac3c7e15ba58be4e0bcc6d146b3e7e3ad69ce6b34d78474d5a1e1d |
| nspr-devel-4.8.8-2.el5.x86_64.rpm | SHA-256: f81b9d4df7c1a672e3c25c1b3c59faf7711f25f7c133983489c354c2e8a9fc90 |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-3.12.10-8.el5.x86_64.rpm | SHA-256: 02bd32afdb724dfcf591841bc76ef334a723f75fd2af09b79f469546d8c5f669 |
| nss-devel-3.12.10-8.el5.i386.rpm | SHA-256: f2a7e57eefd2623899d8f6db91014e85787520acabce8fcde41b7f8a1ba5254d |
| nss-devel-3.12.10-8.el5.x86_64.rpm | SHA-256: 749fe0dd31bfbdd4f9e8062d8995dc4998ec1f83b3b80595b1e23c33fa326aa2 |
| nss-pkcs11-devel-3.12.10-8.el5.i386.rpm | SHA-256: aca063ea88f2bf625915f305d86ad5290d6b113d992ff5d552402fe25855a509 |
| nss-pkcs11-devel-3.12.10-8.el5.x86_64.rpm | SHA-256: 30f7646ceae2cd087e0b9dd1e8fdfc5676c97e1b240bb8944e613a09766bc867 |
| nss-tools-3.12.10-8.el5.x86_64.rpm | SHA-256: b94963bb0e1cccd36835d94a10c1d1729ff94d22e113343fd6255945ad5c4fe6 |
| i386 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-devel-4.8.8-2.el5.i386.rpm | SHA-256: 3009eec267ac3c7e15ba58be4e0bcc6d146b3e7e3ad69ce6b34d78474d5a1e1d |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-devel-3.12.10-8.el5.i386.rpm | SHA-256: f2a7e57eefd2623899d8f6db91014e85787520acabce8fcde41b7f8a1ba5254d |
| nss-pkcs11-devel-3.12.10-8.el5.i386.rpm | SHA-256: aca063ea88f2bf625915f305d86ad5290d6b113d992ff5d552402fe25855a509 |
| nss-tools-3.12.10-8.el5.i386.rpm | SHA-256: 35cc2415db8f58a0595717ce6a7b8a410e5930a6503c10b32f066235b3f2c5c8 |
Red Hat Enterprise Linux Desktop 5
| SRPM | |
|---|---|
| nspr-4.8.8-2.el5.src.rpm | SHA-256: fe61bc897c00231c5f5faac690171eec9e22a53b2d8177dc0dbc9886d7d3736d |
| nss-3.12.10-8.el5.src.rpm | SHA-256: 8d16e9fd8a5ee48b6f46c23a6d6c4ce24f2a68e51400e03c40f132f331603b86 |
| x86_64 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-4.8.8-2.el5.x86_64.rpm | SHA-256: 599a91463e6fc8b02470473d5b0a4c3bb3ad8bd5b7344a6d5b17dd29bbb2d6b1 |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-3.12.10-8.el5.x86_64.rpm | SHA-256: 02bd32afdb724dfcf591841bc76ef334a723f75fd2af09b79f469546d8c5f669 |
| nss-tools-3.12.10-8.el5.x86_64.rpm | SHA-256: b94963bb0e1cccd36835d94a10c1d1729ff94d22e113343fd6255945ad5c4fe6 |
| i386 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-tools-3.12.10-8.el5.i386.rpm | SHA-256: 35cc2415db8f58a0595717ce6a7b8a410e5930a6503c10b32f066235b3f2c5c8 |
Red Hat Enterprise Linux for IBM z Systems 5
| SRPM | |
|---|---|
| nspr-4.8.8-2.el5.src.rpm | SHA-256: fe61bc897c00231c5f5faac690171eec9e22a53b2d8177dc0dbc9886d7d3736d |
| nss-3.12.10-8.el5.src.rpm | SHA-256: 8d16e9fd8a5ee48b6f46c23a6d6c4ce24f2a68e51400e03c40f132f331603b86 |
| s390x | |
| nspr-4.8.8-2.el5.s390.rpm | SHA-256: 6c996aa58aef6befbcc74b3388fb39aff7691b853794561c2c0cbb696ad2b9fc |
| nspr-4.8.8-2.el5.s390x.rpm | SHA-256: 75165a25021fb230adb6beaa9774b042e06aadf3c94f73f851ccd79b4b78d11d |
| nspr-devel-4.8.8-2.el5.s390.rpm | SHA-256: 3d780e6dc1c77c481ad4120237bb3ceab6da9a05ff98c85df905f9248c18a4e1 |
| nspr-devel-4.8.8-2.el5.s390x.rpm | SHA-256: 13718b6f376e36f4a0c0e32e5efc02cd112c094555946ba55c8e9d194de9b1a2 |
| nss-3.12.10-8.el5.s390.rpm | SHA-256: 4d6fdae948183a7bff6d3d4745836cdb562ae29f2e813003999f25467eaffed4 |
| nss-3.12.10-8.el5.s390x.rpm | SHA-256: 9dc32e722fff41dc4cfc514a94f2ce827889ec1d41074f182994b16285953555 |
| nss-devel-3.12.10-8.el5.s390.rpm | SHA-256: f9ec94d944901627402cfafdbf8a017beaa75a6c3940e1f55ddaaf15dbd7f0d4 |
| nss-devel-3.12.10-8.el5.s390x.rpm | SHA-256: 000531520ddf47a02fd7c547563bd6325d7e8da63411b4b38e811376a3a00cff |
| nss-pkcs11-devel-3.12.10-8.el5.s390.rpm | SHA-256: 48c4162a0befcba8a48d0bc014ce1fdd133b0e549c618a6cb6e4ba4887bac7f9 |
| nss-pkcs11-devel-3.12.10-8.el5.s390x.rpm | SHA-256: 0d57aee0913ad55d234b52cf0ea271c16125f77193a7458e86e393ab7b999c6a |
| nss-tools-3.12.10-8.el5.s390x.rpm | SHA-256: c1c2a6f9b2ca2fe5a21ec827b7707bdea912c9a4265d0489a1a45628b6b576e2 |
Red Hat Enterprise Linux for Power, big endian 5
| SRPM | |
|---|---|
| nspr-4.8.8-2.el5.src.rpm | SHA-256: fe61bc897c00231c5f5faac690171eec9e22a53b2d8177dc0dbc9886d7d3736d |
| nss-3.12.10-8.el5.src.rpm | SHA-256: 8d16e9fd8a5ee48b6f46c23a6d6c4ce24f2a68e51400e03c40f132f331603b86 |
| ppc | |
| nspr-4.8.8-2.el5.ppc.rpm | SHA-256: dd28f52f2864295a5e589692c359f6ced1878bc0f2d006f5b5702d23ca5f1a3e |
| nspr-4.8.8-2.el5.ppc64.rpm | SHA-256: 053e0b943cd9cf62832fcdbd0d0c3aad4fab3426a50c3d19de8ae91f235f58da |
| nspr-devel-4.8.8-2.el5.ppc.rpm | SHA-256: 0083688f5d13469967f69c9f48c68177b6688a306709d5704c2a39f20b1c908d |
| nspr-devel-4.8.8-2.el5.ppc64.rpm | SHA-256: 1cd8d5c3dd7d8c48a4f0db509563cdc3630ebbbae1ab4a6e9861374dcb67fb0f |
| nss-3.12.10-8.el5.ppc.rpm | SHA-256: 365ec90c35ad902fbf2a6b6d30322836e704ea1cd45973e2b288a3d7340bd0c7 |
| nss-3.12.10-8.el5.ppc64.rpm | SHA-256: 45ba754f1ef72bc3d3ca8466a2b733c45fc5a9efb1b654c189a8229f2a811e59 |
| nss-devel-3.12.10-8.el5.ppc.rpm | SHA-256: 5c473db6612b8c97147443051864f667984798400725cbeb62fecf335a5c069b |
| nss-devel-3.12.10-8.el5.ppc64.rpm | SHA-256: d760455b62703bcc7948c816842511013e4cd317e33f5682f4eba8a41220ad80 |
| nss-pkcs11-devel-3.12.10-8.el5.ppc.rpm | SHA-256: eb677bcc77c1e4bc0b9506e7ec345297c9476ecb7ec8c82bef2e2205687a12a3 |
| nss-pkcs11-devel-3.12.10-8.el5.ppc64.rpm | SHA-256: 424cb06d7e7bc9229d2f13b15982c45fefa15ad1f580c1e67155cf25e58556ec |
| nss-tools-3.12.10-8.el5.ppc.rpm | SHA-256: fe296dffdcee259b051fd38e41bbec746a2199b17c3f72314d76bea577882847 |
Red Hat Enterprise Linux Server from RHUI 5
| SRPM | |
|---|---|
| nspr-4.8.8-2.el5.src.rpm | SHA-256: fe61bc897c00231c5f5faac690171eec9e22a53b2d8177dc0dbc9886d7d3736d |
| nss-3.12.10-8.el5.src.rpm | SHA-256: 8d16e9fd8a5ee48b6f46c23a6d6c4ce24f2a68e51400e03c40f132f331603b86 |
| x86_64 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-4.8.8-2.el5.x86_64.rpm | SHA-256: 599a91463e6fc8b02470473d5b0a4c3bb3ad8bd5b7344a6d5b17dd29bbb2d6b1 |
| nspr-devel-4.8.8-2.el5.i386.rpm | SHA-256: 3009eec267ac3c7e15ba58be4e0bcc6d146b3e7e3ad69ce6b34d78474d5a1e1d |
| nspr-devel-4.8.8-2.el5.x86_64.rpm | SHA-256: f81b9d4df7c1a672e3c25c1b3c59faf7711f25f7c133983489c354c2e8a9fc90 |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-3.12.10-8.el5.x86_64.rpm | SHA-256: 02bd32afdb724dfcf591841bc76ef334a723f75fd2af09b79f469546d8c5f669 |
| nss-devel-3.12.10-8.el5.i386.rpm | SHA-256: f2a7e57eefd2623899d8f6db91014e85787520acabce8fcde41b7f8a1ba5254d |
| nss-devel-3.12.10-8.el5.x86_64.rpm | SHA-256: 749fe0dd31bfbdd4f9e8062d8995dc4998ec1f83b3b80595b1e23c33fa326aa2 |
| nss-pkcs11-devel-3.12.10-8.el5.i386.rpm | SHA-256: aca063ea88f2bf625915f305d86ad5290d6b113d992ff5d552402fe25855a509 |
| nss-pkcs11-devel-3.12.10-8.el5.x86_64.rpm | SHA-256: 30f7646ceae2cd087e0b9dd1e8fdfc5676c97e1b240bb8944e613a09766bc867 |
| nss-tools-3.12.10-8.el5.x86_64.rpm | SHA-256: b94963bb0e1cccd36835d94a10c1d1729ff94d22e113343fd6255945ad5c4fe6 |
| i386 | |
| nspr-4.8.8-2.el5.i386.rpm | SHA-256: b851a45c74592b461231a2fb7e22424133c3aff291394f61cc3d2e6f7b904042 |
| nspr-devel-4.8.8-2.el5.i386.rpm | SHA-256: 3009eec267ac3c7e15ba58be4e0bcc6d146b3e7e3ad69ce6b34d78474d5a1e1d |
| nss-3.12.10-8.el5.i386.rpm | SHA-256: 83c1d080c84e05ae47d498ec937fd046912ebfee767896a12ff25f4ab1894b2e |
| nss-devel-3.12.10-8.el5.i386.rpm | SHA-256: f2a7e57eefd2623899d8f6db91014e85787520acabce8fcde41b7f8a1ba5254d |
| nss-pkcs11-devel-3.12.10-8.el5.i386.rpm | SHA-256: aca063ea88f2bf625915f305d86ad5290d6b113d992ff5d552402fe25855a509 |
| nss-tools-3.12.10-8.el5.i386.rpm | SHA-256: 35cc2415db8f58a0595717ce6a7b8a410e5930a6503c10b32f066235b3f2c5c8 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
