[gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-201406-19.xml - gentoo-commits

From:	"Mikle Kolyada (zlogene)" <zlogene@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-201406-19.xml
Date:	Sat, 21 Jun 2014 21:44:50
Message-Id:	`20140621214445.474C82004E@flycatcher.gentoo.org`

1

zlogene     14/06/21 21:44:45

2

3

  Added:                glsa-201406-19.xml

4

  Log:

5

   GLSA 201406-19

6

7

Revision  Changes    Path

8

1.1                  xml/htdocs/security/en/glsa/glsa-201406-19.xml

9

10

file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-19.xml?rev=1.1&view=markup

11

plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-19.xml?rev=1.1&content-type=text/plain

12

13

Index: glsa-201406-19.xml

14

===================================================================

15

<?xml version="1.0" encoding="UTF-8"?>

16

<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>

17

<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>

18

<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">

19

<glsa id="201406-19">

20

  <title>Mozilla Network Security Service: Multiple vulnerabilities </title>

21

  <synopsis>Multiple vulnerabilities have been discovered in Mozilla Network

22

    Security Service, the worst of which could lead to Denial of Service. 

23

  </synopsis>

24

  <product type="ebuild">nss</product>

25

  <announced>June 21, 2014</announced>

26

  <revised>June 21, 2014: 1</revised>

27

  <bug>455558</bug>

28

  <bug>486114</bug>

29

  <bug>491234</bug>

30

  <access>remote</access>

31

  <affected>

32

    <package name="dev-libs/nss" auto="yes" arch="*">

33

      <unaffected range="ge">3.15.3</unaffected>

34

      <vulnerable range="lt">3.15.3</vulnerable>

35

    </package>

36

  </affected>

37

  <background>

38

    <p>The Mozilla Network Security Service is a library implementing security

39

      features like SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,

40

      S/MIME and X.509 certificates. 

41

    </p>

42

  </background>

43

  <description>

44

    <p>Multiple vulnerabilities have been discovered in the Mozilla Network

45

      Security Service. Please review the CVE identifiers referenced below for

46

      more details about the vulnerabilities. 

47

    </p>

48

  </description>

49

  <impact type="normal">

50

    <p>A remote attacker can cause a Denial of Service condition.</p>

51

  </impact>

52

  <workaround>

53

    <p>There is no known workaround at this time.</p>

54

  </workaround>

55

  <resolution>

56

    <p>All Mozilla Network Security Service users should upgrade to the latest

57

      version:

58

    </p>

59

60

    <code>

61

      # emerge --sync

62

      # emerge --ask --oneshot --verbose "&gt;=dev-libs/nss-3.15.3"

63

    </code>

64

65

    <p>Packages which depend on this library may need to be recompiled. Tools

66

      such as revdep-rebuild may assist in identifying some of these packages.

67

    </p>

68

  </resolution>

69

  <references>

70

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1620">CVE-2013-1620</uri>

71

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1739">CVE-2013-1739</uri>

72

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1741">CVE-2013-1741</uri>

73

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2566">CVE-2013-2566</uri>

74

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5605">CVE-2013-5605</uri>

75

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5606">CVE-2013-5606</uri>

76

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5607">CVE-2013-5607</uri>

77

  </references>

78

  <metadata tag="requester" timestamp="Thu, 19 Jun 2014 01:57:31 +0000">

79

    BlueKnight

80

  </metadata>

81

  <metadata tag="submitter" timestamp="Sat, 21 Jun 2014 21:43:15 +0000">K_F</metadata>

82

</glsa>

1	zlogene 14/06/21 21:44:45
2
3	Added: glsa-201406-19.xml
4	Log:
5	GLSA 201406-19
6
7	Revision Changes Path
8	1.1 xml/htdocs/security/en/glsa/glsa-201406-19.xml
9
10	file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-19.xml?rev=1.1&view=markup
11	plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-19.xml?rev=1.1&content-type=text/plain
12
13	Index: glsa-201406-19.xml
14	===================================================================
15	<?xml version="1.0" encoding="UTF-8"?>
16	<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
17	<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
18	<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
19	<glsa id="201406-19">
20	<title>Mozilla Network Security Service: Multiple vulnerabilities </title>
21	<synopsis>Multiple vulnerabilities have been discovered in Mozilla Network
22	Security Service, the worst of which could lead to Denial of Service.
23	</synopsis>
24	<product type="ebuild">nss</product>
25	<announced>June 21, 2014</announced>
26	<revised>June 21, 2014: 1</revised>
27	<bug>455558</bug>
28	<bug>486114</bug>
29	<bug>491234</bug>
30	<access>remote</access>
31	<affected>
32	<package name="dev-libs/nss" auto="yes" arch="*">
33	<unaffected range="ge">3.15.3</unaffected>
34	<vulnerable range="lt">3.15.3</vulnerable>
35	</package>
36	</affected>
37	<background>
38	<p>The Mozilla Network Security Service is a library implementing security
39	features like SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,
40	S/MIME and X.509 certificates.
41	</p>
42	</background>
43	<description>
44	<p>Multiple vulnerabilities have been discovered in the Mozilla Network
45	Security Service. Please review the CVE identifiers referenced below for
46	more details about the vulnerabilities.
47	</p>
48	</description>
49	<impact type="normal">
50	<p>A remote attacker can cause a Denial of Service condition.</p>
51	</impact>
52	<workaround>
53	<p>There is no known workaround at this time.</p>
54	</workaround>
55	<resolution>
56	<p>All Mozilla Network Security Service users should upgrade to the latest
57	version:
58	</p>
59
60	<code>
61	# emerge --sync
62	# emerge --ask --oneshot --verbose ">=dev-libs/nss-3.15.3"
63	</code>
64
65	<p>Packages which depend on this library may need to be recompiled. Tools
66	such as revdep-rebuild may assist in identifying some of these packages.
67	</p>
68	</resolution>
69	<references>
70	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1620">CVE-2013-1620</uri>
71	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1739">CVE-2013-1739</uri>
72	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1741">CVE-2013-1741</uri>
73	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2566">CVE-2013-2566</uri>
74	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5605">CVE-2013-5605</uri>
75	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5606">CVE-2013-5606</uri>
76	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5607">CVE-2013-5607</uri>
77	</references>
78	<metadata tag="requester" timestamp="Thu, 19 Jun 2014 01:57:31 +0000">
79	BlueKnight
80	</metadata>
81	<metadata tag="submitter" timestamp="Sat, 21 Jun 2014 21:43:15 +0000">K_F</metadata>
82	</glsa>

Gentoo Archives: gentoo-commits