Detalji

Ispravljen je sigurnosni propust u programskom paketu NSS, distribuiranim s operacijskim sustavom Fedora 15. Radi se o skupu programskih biblioteka namijenjenih razvoju sigurnih aplikacija temeljenih na odnosu klijent-poslužitelj. Sigurnosna ranjivost odnosi se na 7 kompromitiranih certifikata vezanih uz npr. "addons.mozilla.org", "login.live.com", "mail.google.com", itd. Ovakva ranjivost napadaču omogućuje pristup povjerljivim podacima te njihovo brisanje, mijenjanje i slično. Svim korisnicima programskog paketa NSS preporuča se njegova nadogradnja u svrhu zaštite sigurnosti. 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-4117
2011-03-26 04:45:24
--------------------------------------------------------------------------------

Name        : nss
Product     : Fedora 15
Version     : 3.12.9
Release     : 14.fc15
URL         : http://www.mozilla.org/projects/security/pki/nss/
Summary     : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

--------------------------------------------------------------------------------
Update Information:

Update to NSS_3.12.9_WITH_CKBI_1_82_RTM

nss security update for compromised certificates

see: https://bugzilla.mozilla.org/show_bug.cgi?id=642395

--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update nss' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Idi na vrh