Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2015:1664 - Security Advisory
Issued:
2015-08-24
Updated:
2015-08-24

RHSA-2015:1664 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: nss security, bug fix, and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated nss packages that fix two security issues, several bugs, and add
various enhancements are now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

Description

Network Security Services (NSS) is a set of libraries designed to support
cross-platform development of security-enabled client and server
applications.

It was found that NSS permitted skipping of the ServerKeyExchange packet
during a handshake involving ECDHE (Elliptic Curve Diffie-Hellman key
Exchange). A remote attacker could use this flaw to bypass the
forward-secrecy of a TLS/SSL connection. (CVE-2015-2721)

A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve
Digital Signature Algorithm) signatures. Under certain conditions, an
attacker could use this flaw to conduct signature forgery attacks.
(CVE-2015-2730)

Red Hat would like to thank the Mozilla project for reporting this issue.
Upstream acknowledges Karthikeyan Bhargavan as the original reporter of
CVE-2015-2721, and Watson Ladd as the original reporter of CVE-2015-2730.

The nss packages have been upgraded to upstream version 3.19.1, which
provides a number of bug fixes and enhancements over the previous version.

All nss users are advised to upgrade to these updated packages, which
correct these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 1236954 - CVE-2015-2730 NSS: ECDSA signature validation fails to handle some signatures correctly (MFSA 2015-64)
  • BZ - 1236967 - CVE-2015-2721 NSS: incorrectly permited skipping of ServerKeyExchange (MFSA 2015-71)

CVEs

  • CVE-2015-2721
  • CVE-2015-2730

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://www.mozilla.org/security/announce/2015/mfsa2015-64.html
  • https://www.mozilla.org/security/announce/2015/mfsa2015-71.html
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
nss-3.19.1-1.el5_11.src.rpm SHA-256: 087a2562d464d8714143a2de7091d2fce55865af8faa26385144608b68ca5387
x86_64
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-3.19.1-1.el5_11.x86_64.rpm SHA-256: b44fc83caa47a77f51e5eac55187e01d9bf3cb175b453f647efc4c3bff3dced0
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-debuginfo-3.19.1-1.el5_11.x86_64.rpm SHA-256: e9f7514fa54ebca47005ef9a3fa84771e6ee28be21411d6b291097bbab1d7dc7
nss-devel-3.19.1-1.el5_11.i386.rpm SHA-256: c6512ce29107af71f9445ad8767b8a621efb1fd23aedba8360a738e6069d880f
nss-devel-3.19.1-1.el5_11.x86_64.rpm SHA-256: 8c5b98cfd48497fb8a22d384ac7882d645176c489915f8e6c52d1d695448bffa
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm SHA-256: 9057173fb985d2c9293f527176a34e0023a1381050b1618c372eb40f1194afa1
nss-pkcs11-devel-3.19.1-1.el5_11.x86_64.rpm SHA-256: cdf9daf7e4a5d6931532aa5723b04b3b147dd523a1885971781f289b5068eef1
nss-tools-3.19.1-1.el5_11.x86_64.rpm SHA-256: 84160f7ea637fed75205a6fd4250615e5794d2ba083d798005b1256d8c0f2f77
ia64
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-3.19.1-1.el5_11.ia64.rpm SHA-256: 28b63e6262f50d667270e01fe1edc897ec1df39362c3bcf78114c5abb780c8e5
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-debuginfo-3.19.1-1.el5_11.ia64.rpm SHA-256: d02e1a3cdee46e3f03c65ad8636f430edc9758c426e1b673ace3fa01bc9e69c9
nss-devel-3.19.1-1.el5_11.ia64.rpm SHA-256: f277415f31136f46a59275f985e048ba200bb74887648aaacab28ab7873e3051
nss-pkcs11-devel-3.19.1-1.el5_11.ia64.rpm SHA-256: 2ea62aecaebc2ede8ffa22a4714ee7f4addd7e80d86f1d970480aa6ac83357b7
nss-tools-3.19.1-1.el5_11.ia64.rpm SHA-256: be66a9dfa3801a1c8978ea0b356d9ac45c3698662ca39667c20195dfe67ed285
i386
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-devel-3.19.1-1.el5_11.i386.rpm SHA-256: c6512ce29107af71f9445ad8767b8a621efb1fd23aedba8360a738e6069d880f
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm SHA-256: 9057173fb985d2c9293f527176a34e0023a1381050b1618c372eb40f1194afa1
nss-tools-3.19.1-1.el5_11.i386.rpm SHA-256: dbfd09bf3ccce0411e60125f070dc9520966254018b92a471be97f788d920520

Red Hat Enterprise Linux Workstation 5

SRPM
nss-3.19.1-1.el5_11.src.rpm SHA-256: 087a2562d464d8714143a2de7091d2fce55865af8faa26385144608b68ca5387
x86_64
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-3.19.1-1.el5_11.x86_64.rpm SHA-256: b44fc83caa47a77f51e5eac55187e01d9bf3cb175b453f647efc4c3bff3dced0
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-debuginfo-3.19.1-1.el5_11.x86_64.rpm SHA-256: e9f7514fa54ebca47005ef9a3fa84771e6ee28be21411d6b291097bbab1d7dc7
nss-debuginfo-3.19.1-1.el5_11.x86_64.rpm SHA-256: e9f7514fa54ebca47005ef9a3fa84771e6ee28be21411d6b291097bbab1d7dc7
nss-devel-3.19.1-1.el5_11.i386.rpm SHA-256: c6512ce29107af71f9445ad8767b8a621efb1fd23aedba8360a738e6069d880f
nss-devel-3.19.1-1.el5_11.x86_64.rpm SHA-256: 8c5b98cfd48497fb8a22d384ac7882d645176c489915f8e6c52d1d695448bffa
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm SHA-256: 9057173fb985d2c9293f527176a34e0023a1381050b1618c372eb40f1194afa1
nss-pkcs11-devel-3.19.1-1.el5_11.x86_64.rpm SHA-256: cdf9daf7e4a5d6931532aa5723b04b3b147dd523a1885971781f289b5068eef1
nss-tools-3.19.1-1.el5_11.x86_64.rpm SHA-256: 84160f7ea637fed75205a6fd4250615e5794d2ba083d798005b1256d8c0f2f77
i386
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-devel-3.19.1-1.el5_11.i386.rpm SHA-256: c6512ce29107af71f9445ad8767b8a621efb1fd23aedba8360a738e6069d880f
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm SHA-256: 9057173fb985d2c9293f527176a34e0023a1381050b1618c372eb40f1194afa1
nss-tools-3.19.1-1.el5_11.i386.rpm SHA-256: dbfd09bf3ccce0411e60125f070dc9520966254018b92a471be97f788d920520

Red Hat Enterprise Linux Desktop 5

SRPM
nss-3.19.1-1.el5_11.src.rpm SHA-256: 087a2562d464d8714143a2de7091d2fce55865af8faa26385144608b68ca5387
x86_64
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-3.19.1-1.el5_11.x86_64.rpm SHA-256: b44fc83caa47a77f51e5eac55187e01d9bf3cb175b453f647efc4c3bff3dced0
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-debuginfo-3.19.1-1.el5_11.x86_64.rpm SHA-256: e9f7514fa54ebca47005ef9a3fa84771e6ee28be21411d6b291097bbab1d7dc7
nss-tools-3.19.1-1.el5_11.x86_64.rpm SHA-256: 84160f7ea637fed75205a6fd4250615e5794d2ba083d798005b1256d8c0f2f77
i386
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-tools-3.19.1-1.el5_11.i386.rpm SHA-256: dbfd09bf3ccce0411e60125f070dc9520966254018b92a471be97f788d920520

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
nss-3.19.1-1.el5_11.src.rpm SHA-256: 087a2562d464d8714143a2de7091d2fce55865af8faa26385144608b68ca5387
s390x
nss-3.19.1-1.el5_11.s390.rpm SHA-256: 12e4e49a54396cdd993cfe9f7d143c4c3820e4efbb2b0c46f2f7fb6367ad14ba
nss-3.19.1-1.el5_11.s390x.rpm SHA-256: 01c975a3d29490ffa7d919aa285587f3c6a08368b0fbf745dd0e11129c0cb0bc
nss-debuginfo-3.19.1-1.el5_11.s390.rpm SHA-256: 1f55bc36bbf01005f6f840f33ebe98055b1493deb51966fd9b116e038acd9bd8
nss-debuginfo-3.19.1-1.el5_11.s390x.rpm SHA-256: 5010351960e0f0bbee5913853095308c73fbc333cd2a7b53827edaf537a4c342
nss-devel-3.19.1-1.el5_11.s390.rpm SHA-256: e8e7c9965d3cb666d8d7c0ac172ae62f652f346064a16c1ff0aee47b580a87f7
nss-devel-3.19.1-1.el5_11.s390x.rpm SHA-256: 2136eb159a7a42a3c7fbe72d1a5c1db3d5c6df624b17066e348ebcbb900bb870
nss-pkcs11-devel-3.19.1-1.el5_11.s390.rpm SHA-256: c60e02b769e0da9c5eb00c4fe649aa8b7daee13d6fd17e8f20a6e1433f3791dd
nss-pkcs11-devel-3.19.1-1.el5_11.s390x.rpm SHA-256: 123446db8271d5098ee92ba416b1d2b9d045ea9d6af69eac17a06650ce7c135f
nss-tools-3.19.1-1.el5_11.s390x.rpm SHA-256: 41df7a3d304a6850c68c7a1fa1ff58f8a32144187313b0c411cd5801ed6e5746

Red Hat Enterprise Linux for Power, big endian 5

SRPM
nss-3.19.1-1.el5_11.src.rpm SHA-256: 087a2562d464d8714143a2de7091d2fce55865af8faa26385144608b68ca5387
ppc
nss-3.19.1-1.el5_11.ppc.rpm SHA-256: b7f85cf1985292fa96b20bc53b5ea86313584c63861e4310bdd1b39946f9719e
nss-3.19.1-1.el5_11.ppc64.rpm SHA-256: 393e68139c8867f54c22959e3322dbf4fb7fa66851d7c595a8c4296dbd3c1b89
nss-debuginfo-3.19.1-1.el5_11.ppc.rpm SHA-256: 4608cf85bd86c7760e3eeddaa93551df6c8ae622954a7e107bd1a3d9b6d29908
nss-debuginfo-3.19.1-1.el5_11.ppc64.rpm SHA-256: 3b21818e635de1518b3b1ddf18648308faf6bdae525b504bd6c0bda8b1f46a12
nss-devel-3.19.1-1.el5_11.ppc.rpm SHA-256: e8b1b3f41115e3ba4e128bdd9a375bb508d87cbed5218c97b3bce8d87dab5bc0
nss-devel-3.19.1-1.el5_11.ppc64.rpm SHA-256: 11dce892a5aab9a6b3830dfdf29bac68cebd54fb2e0fb4fb9d45649d962b2951
nss-pkcs11-devel-3.19.1-1.el5_11.ppc.rpm SHA-256: 79b2439645325c8a2c0a8cb2ce2dc9e28ea658f3ac8d85012f6cd6e59af2481e
nss-pkcs11-devel-3.19.1-1.el5_11.ppc64.rpm SHA-256: a4dacd055e5cea8c2d234ff53596b00f13b9433b76d6ef57a588816979f8313f
nss-tools-3.19.1-1.el5_11.ppc.rpm SHA-256: 6729832ff4750b56e7697eeadb315e30d5aecaef7e1fd42ce78fe0a0791b5817

Red Hat Enterprise Linux Server from RHUI 5

SRPM
nss-3.19.1-1.el5_11.src.rpm SHA-256: 087a2562d464d8714143a2de7091d2fce55865af8faa26385144608b68ca5387
x86_64
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-3.19.1-1.el5_11.x86_64.rpm SHA-256: b44fc83caa47a77f51e5eac55187e01d9bf3cb175b453f647efc4c3bff3dced0
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-debuginfo-3.19.1-1.el5_11.x86_64.rpm SHA-256: e9f7514fa54ebca47005ef9a3fa84771e6ee28be21411d6b291097bbab1d7dc7
nss-devel-3.19.1-1.el5_11.i386.rpm SHA-256: c6512ce29107af71f9445ad8767b8a621efb1fd23aedba8360a738e6069d880f
nss-devel-3.19.1-1.el5_11.x86_64.rpm SHA-256: 8c5b98cfd48497fb8a22d384ac7882d645176c489915f8e6c52d1d695448bffa
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm SHA-256: 9057173fb985d2c9293f527176a34e0023a1381050b1618c372eb40f1194afa1
nss-pkcs11-devel-3.19.1-1.el5_11.x86_64.rpm SHA-256: cdf9daf7e4a5d6931532aa5723b04b3b147dd523a1885971781f289b5068eef1
nss-tools-3.19.1-1.el5_11.x86_64.rpm SHA-256: 84160f7ea637fed75205a6fd4250615e5794d2ba083d798005b1256d8c0f2f77
i386
nss-3.19.1-1.el5_11.i386.rpm SHA-256: cef7032028e9e3b296195d31f80407691fe92b4a0d1e446f3041168ef30c2f74
nss-debuginfo-3.19.1-1.el5_11.i386.rpm SHA-256: 44b6bb32017ba12b42e22fcacc2a08c48d181c6808e7f386c9d1d51b7ee6e01c
nss-devel-3.19.1-1.el5_11.i386.rpm SHA-256: c6512ce29107af71f9445ad8767b8a621efb1fd23aedba8360a738e6069d880f
nss-pkcs11-devel-3.19.1-1.el5_11.i386.rpm SHA-256: 9057173fb985d2c9293f527176a34e0023a1381050b1618c372eb40f1194afa1
nss-tools-3.19.1-1.el5_11.i386.rpm SHA-256: dbfd09bf3ccce0411e60125f070dc9520966254018b92a471be97f788d920520

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter