rhsa-2013_1135
Vulnerability from csaf_redhat
Published
2013-08-05 15:46
Modified
2024-11-22 06:25
Summary
Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update
Notes
Topic
Updated nss and nspr packages that fix two security issues, various bugs,
and add enhancements are now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support
the cross-platform development of security-enabled client and server
applications. Netscape Portable Runtime (NSPR) provides platform
independence for non-GUI operating system facilities.
It was discovered that NSS leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-1620)
An out-of-bounds memory read flaw was found in the way NSS decoded certain
certificates. If an application using NSS decoded a malformed certificate,
it could cause the application to crash. (CVE-2013-0791)
Red Hat would like to thank the Mozilla project for reporting
CVE-2013-0791. Upstream acknowledges Ambroz Bizjak as the original reporter
of CVE-2013-0791.
This update also fixes the following bugs:
* A defect in the FreeBL library implementation of the Diffie-Hellman (DH)
protocol previously caused Openswan to drop connections. (BZ#958023)
* A memory leak in the nssutil_ReadSecmodDB() function has been fixed.
(BZ#986969)
In addition, the nss package has been upgraded to upstream version 3.14.3,
and the nspr package has been upgraded to upstream version 4.9.5. These
updates provide a number of bug fixes and enhancements over the previous
versions. (BZ#949845, BZ#924741)
Note that while upstream NSS version 3.14 prevents the use of certificates
that have an MD5 signature, this erratum includes a patch that allows such
certificates by default. To prevent the use of certificates that have an
MD5 signature, set the "NSS_HASH_ALG_SUPPORT" environment variable
to "-MD5".
Users of NSS and NSPR are advised to upgrade to these updated packages,
which fix these issues and add these enhancements. After installing this
update, applications using NSS or NSPR must be restarted for this update to
take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated nss and nspr packages that fix two security issues, various bugs,\nand add enhancements are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Security Services (NSS) is a set of libraries designed to support\nthe cross-platform development of security-enabled client and server\napplications. Netscape Portable Runtime (NSPR) provides platform\nindependence for non-GUI operating system facilities.\n\nIt was discovered that NSS leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-1620)\n\nAn out-of-bounds memory read flaw was found in the way NSS decoded certain\ncertificates. If an application using NSS decoded a malformed certificate,\nit could cause the application to crash. (CVE-2013-0791)\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2013-0791. Upstream acknowledges Ambroz Bizjak as the original reporter\nof CVE-2013-0791.\n\nThis update also fixes the following bugs:\n\n* A defect in the FreeBL library implementation of the Diffie-Hellman (DH)\nprotocol previously caused Openswan to drop connections. (BZ#958023)\n\n * A memory leak in the nssutil_ReadSecmodDB() function has been fixed.\n(BZ#986969)\n\nIn addition, the nss package has been upgraded to upstream version 3.14.3,\nand the nspr package has been upgraded to upstream version 4.9.5. These\nupdates provide a number of bug fixes and enhancements over the previous\nversions. (BZ#949845, BZ#924741)\n\nNote that while upstream NSS version 3.14 prevents the use of certificates\nthat have an MD5 signature, this erratum includes a patch that allows such\ncertificates by default. To prevent the use of certificates that have an\nMD5 signature, set the \"NSS_HASH_ALG_SUPPORT\" environment variable\nto \"-MD5\".\n\nUsers of NSS and NSPR are advised to upgrade to these updated packages,\nwhich fix these issues and add these enhancements. After installing this\nupdate, applications using NSS or NSPR must be restarted for this update to\ntake effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1135",
"url": "https://access.redhat.com/errata/RHSA-2013:1135"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "908234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908234"
},
{
"category": "external",
"summary": "924741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924741"
},
{
"category": "external",
"summary": "946947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=946947"
},
{
"category": "external",
"summary": "949845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949845"
},
{
"category": "external",
"summary": "986969",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=986969"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1135.json"
}
],
"title": "Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T06:25:35+00:00",
"generator": {
"date": "2024-11-22T06:25:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1135",
"initial_release_date": "2013-08-05T15:46:00+00:00",
"revision_history": [
{
"date": "2013-08-05T15:46:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-08-05T15:51:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T06:25:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-devel-0:4.9.5-1.el5_9.s390x",
"product": {
"name": "nspr-devel-0:4.9.5-1.el5_9.s390x",
"product_id": "nspr-devel-0:4.9.5-1.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.9.5-1.el5_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.s390x",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.s390x",
"product_id": "nspr-0:4.9.5-1.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"product": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"product_id": "nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.9.5-1.el5_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.14.3-6.el5_9.s390x",
"product": {
"name": "nss-tools-0:3.14.3-6.el5_9.s390x",
"product_id": "nss-tools-0:3.14.3-6.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.14.3-6.el5_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"product": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"product_id": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.14.3-6.el5_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.14.3-6.el5_9.s390x",
"product": {
"name": "nss-devel-0:3.14.3-6.el5_9.s390x",
"product_id": "nss-devel-0:3.14.3-6.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.14.3-6.el5_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"product": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"product_id": "nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.14.3-6.el5_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.s390x",
"product": {
"name": "nss-0:3.14.3-6.el5_9.s390x",
"product_id": "nss-0:3.14.3-6.el5_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-devel-0:4.9.5-1.el5_9.s390",
"product": {
"name": "nspr-devel-0:4.9.5-1.el5_9.s390",
"product_id": "nspr-devel-0:4.9.5-1.el5_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.9.5-1.el5_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.s390",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.s390",
"product_id": "nspr-0:4.9.5-1.el5_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"product": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"product_id": "nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.9.5-1.el5_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"product": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"product_id": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.14.3-6.el5_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.14.3-6.el5_9.s390",
"product": {
"name": "nss-devel-0:3.14.3-6.el5_9.s390",
"product_id": "nss-devel-0:3.14.3-6.el5_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.14.3-6.el5_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.14.3-6.el5_9.s390",
"product": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.s390",
"product_id": "nss-debuginfo-0:3.14.3-6.el5_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.14.3-6.el5_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.s390",
"product": {
"name": "nss-0:3.14.3-6.el5_9.s390",
"product_id": "nss-0:3.14.3-6.el5_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-devel-0:4.9.5-1.el5_9.x86_64",
"product": {
"name": "nspr-devel-0:4.9.5-1.el5_9.x86_64",
"product_id": "nspr-devel-0:4.9.5-1.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.9.5-1.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.x86_64",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.x86_64",
"product_id": "nspr-0:4.9.5-1.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"product": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"product_id": "nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.9.5-1.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.14.3-6.el5_9.x86_64",
"product": {
"name": "nss-tools-0:3.14.3-6.el5_9.x86_64",
"product_id": "nss-tools-0:3.14.3-6.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.14.3-6.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"product": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"product_id": "nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.14.3-6.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.14.3-6.el5_9.x86_64",
"product": {
"name": "nss-devel-0:3.14.3-6.el5_9.x86_64",
"product_id": "nss-devel-0:3.14.3-6.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.14.3-6.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"product": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"product_id": "nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.14.3-6.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.x86_64",
"product": {
"name": "nss-0:3.14.3-6.el5_9.x86_64",
"product_id": "nss-0:3.14.3-6.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-devel-0:4.9.5-1.el5_9.i386",
"product": {
"name": "nspr-devel-0:4.9.5-1.el5_9.i386",
"product_id": "nspr-devel-0:4.9.5-1.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.9.5-1.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.i386",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.i386",
"product_id": "nspr-0:4.9.5-1.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"product": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"product_id": "nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.9.5-1.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.14.3-6.el5_9.i386",
"product": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.i386",
"product_id": "nss-debuginfo-0:3.14.3-6.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.14.3-6.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.i386",
"product": {
"name": "nss-0:3.14.3-6.el5_9.i386",
"product_id": "nss-0:3.14.3-6.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"product": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"product_id": "nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.14.3-6.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.14.3-6.el5_9.i386",
"product": {
"name": "nss-devel-0:3.14.3-6.el5_9.i386",
"product_id": "nss-devel-0:3.14.3-6.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.14.3-6.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.14.3-6.el5_9.i386",
"product": {
"name": "nss-tools-0:3.14.3-6.el5_9.i386",
"product_id": "nss-tools-0:3.14.3-6.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.14.3-6.el5_9?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-devel-0:4.9.5-1.el5_9.ppc",
"product": {
"name": "nspr-devel-0:4.9.5-1.el5_9.ppc",
"product_id": "nspr-devel-0:4.9.5-1.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.9.5-1.el5_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.ppc",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.ppc",
"product_id": "nspr-0:4.9.5-1.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"product": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"product_id": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.9.5-1.el5_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.14.3-6.el5_9.ppc",
"product": {
"name": "nss-tools-0:3.14.3-6.el5_9.ppc",
"product_id": "nss-tools-0:3.14.3-6.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.14.3-6.el5_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"product": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"product_id": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.14.3-6.el5_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.14.3-6.el5_9.ppc",
"product": {
"name": "nss-devel-0:3.14.3-6.el5_9.ppc",
"product_id": "nss-devel-0:3.14.3-6.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.14.3-6.el5_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"product": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"product_id": "nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.14.3-6.el5_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.ppc",
"product": {
"name": "nss-0:3.14.3-6.el5_9.ppc",
"product_id": "nss-0:3.14.3-6.el5_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-devel-0:4.9.5-1.el5_9.ppc64",
"product": {
"name": "nspr-devel-0:4.9.5-1.el5_9.ppc64",
"product_id": "nspr-devel-0:4.9.5-1.el5_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.9.5-1.el5_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.ppc64",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.ppc64",
"product_id": "nspr-0:4.9.5-1.el5_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"product": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"product_id": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.9.5-1.el5_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"product": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"product_id": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.14.3-6.el5_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.14.3-6.el5_9.ppc64",
"product": {
"name": "nss-devel-0:3.14.3-6.el5_9.ppc64",
"product_id": "nss-devel-0:3.14.3-6.el5_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.14.3-6.el5_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"product": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"product_id": "nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.14.3-6.el5_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.ppc64",
"product": {
"name": "nss-0:3.14.3-6.el5_9.ppc64",
"product_id": "nss-0:3.14.3-6.el5_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-devel-0:4.9.5-1.el5_9.ia64",
"product": {
"name": "nspr-devel-0:4.9.5-1.el5_9.ia64",
"product_id": "nspr-devel-0:4.9.5-1.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-devel@4.9.5-1.el5_9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.ia64",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.ia64",
"product_id": "nspr-0:4.9.5-1.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"product": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"product_id": "nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr-debuginfo@4.9.5-1.el5_9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-tools-0:3.14.3-6.el5_9.ia64",
"product": {
"name": "nss-tools-0:3.14.3-6.el5_9.ia64",
"product_id": "nss-tools-0:3.14.3-6.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-tools@3.14.3-6.el5_9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"product": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"product_id": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.14.3-6.el5_9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-devel-0:3.14.3-6.el5_9.ia64",
"product": {
"name": "nss-devel-0:3.14.3-6.el5_9.ia64",
"product_id": "nss-devel-0:3.14.3-6.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-devel@3.14.3-6.el5_9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"product": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"product_id": "nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss-debuginfo@3.14.3-6.el5_9?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.ia64",
"product": {
"name": "nss-0:3.14.3-6.el5_9.ia64",
"product_id": "nss-0:3.14.3-6.el5_9.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "nspr-0:4.9.5-1.el5_9.src",
"product": {
"name": "nspr-0:4.9.5-1.el5_9.src",
"product_id": "nspr-0:4.9.5-1.el5_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nspr@4.9.5-1.el5_9?arch=src"
}
}
},
{
"category": "product_version",
"name": "nss-0:3.14.3-6.el5_9.src",
"product": {
"name": "nss-0:3.14.3-6.el5_9.src",
"product_id": "nss-0:3.14.3-6.el5_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nss@3.14.3-6.el5_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.i386"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ia64"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc64"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.ppc64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.s390",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390x"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.src"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.src",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-0:4.9.5-1.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.x86_64"
},
"product_reference": "nspr-0:4.9.5-1.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.i386"
},
"product_reference": "nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ia64"
},
"product_reference": "nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc"
},
"product_reference": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc64"
},
"product_reference": "nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390"
},
"product_reference": "nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390x"
},
"product_reference": "nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-debuginfo-0:4.9.5-1.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.x86_64"
},
"product_reference": "nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.9.5-1.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.i386"
},
"product_reference": "nspr-devel-0:4.9.5-1.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.9.5-1.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ia64"
},
"product_reference": "nspr-devel-0:4.9.5-1.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.9.5-1.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc"
},
"product_reference": "nspr-devel-0:4.9.5-1.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.9.5-1.el5_9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc64"
},
"product_reference": "nspr-devel-0:4.9.5-1.el5_9.ppc64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.9.5-1.el5_9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390"
},
"product_reference": "nspr-devel-0:4.9.5-1.el5_9.s390",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.9.5-1.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390x"
},
"product_reference": "nspr-devel-0:4.9.5-1.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nspr-devel-0:4.9.5-1.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.x86_64"
},
"product_reference": "nspr-devel-0:4.9.5-1.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.i386"
},
"product_reference": "nss-0:3.14.3-6.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ia64"
},
"product_reference": "nss-0:3.14.3-6.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc"
},
"product_reference": "nss-0:3.14.3-6.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc64"
},
"product_reference": "nss-0:3.14.3-6.el5_9.ppc64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390"
},
"product_reference": "nss-0:3.14.3-6.el5_9.s390",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390x"
},
"product_reference": "nss-0:3.14.3-6.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.src"
},
"product_reference": "nss-0:3.14.3-6.el5_9.src",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-0:3.14.3-6.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-0:3.14.3-6.el5_9.x86_64"
},
"product_reference": "nss-0:3.14.3-6.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.i386"
},
"product_reference": "nss-debuginfo-0:3.14.3-6.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ia64"
},
"product_reference": "nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc"
},
"product_reference": "nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc64"
},
"product_reference": "nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390"
},
"product_reference": "nss-debuginfo-0:3.14.3-6.el5_9.s390",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390x"
},
"product_reference": "nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-debuginfo-0:3.14.3-6.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.x86_64"
},
"product_reference": "nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.14.3-6.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.i386"
},
"product_reference": "nss-devel-0:3.14.3-6.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.14.3-6.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ia64"
},
"product_reference": "nss-devel-0:3.14.3-6.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.14.3-6.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc"
},
"product_reference": "nss-devel-0:3.14.3-6.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.14.3-6.el5_9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc64"
},
"product_reference": "nss-devel-0:3.14.3-6.el5_9.ppc64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.14.3-6.el5_9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390"
},
"product_reference": "nss-devel-0:3.14.3-6.el5_9.s390",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.14.3-6.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390x"
},
"product_reference": "nss-devel-0:3.14.3-6.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-devel-0:3.14.3-6.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.x86_64"
},
"product_reference": "nss-devel-0:3.14.3-6.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.i386"
},
"product_reference": "nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64"
},
"product_reference": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc"
},
"product_reference": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64"
},
"product_reference": "nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390"
},
"product_reference": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x"
},
"product_reference": "nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64"
},
"product_reference": "nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.14.3-6.el5_9.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.i386"
},
"product_reference": "nss-tools-0:3.14.3-6.el5_9.i386",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.14.3-6.el5_9.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ia64"
},
"product_reference": "nss-tools-0:3.14.3-6.el5_9.ia64",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.14.3-6.el5_9.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ppc"
},
"product_reference": "nss-tools-0:3.14.3-6.el5_9.ppc",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.14.3-6.el5_9.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.s390x"
},
"product_reference": "nss-tools-0:3.14.3-6.el5_9.s390x",
"relates_to_product_reference": "5Server-5.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nss-tools-0:3.14.3-6.el5_9.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.x86_64"
},
"product_reference": "nss-tools-0:3.14.3-6.el5_9.x86_64",
"relates_to_product_reference": "5Server-5.9.Z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mozilla project"
]
},
{
"names": [
"Ambroz Bizjak"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2013-0791",
"discovery_date": "2013-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "946947"
}
],
"notes": [
{
"category": "description",
"text": "The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Out-of-bounds array read in CERT_DecodeCertPackage (MFSA 2013-40)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.src",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.src",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0791"
},
{
"category": "external",
"summary": "RHBZ#946947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=946947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0791",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0791"
},
{
"category": "external",
"summary": "http://www.mozilla.org/security/announce/2013/mfsa2013-40.html",
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-40.html"
}
],
"release_date": "2013-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-08-05T15:46:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.src",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.src",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1135"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.src",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.src",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Mozilla: Out-of-bounds array read in CERT_DecodeCertPackage (MFSA 2013-40)"
},
{
"cve": "CVE-2013-1620",
"discovery_date": "2013-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "908234"
}
],
"notes": [
{
"category": "description",
"text": "The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nss: TLS CBC padding timing attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.src",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.src",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1620"
},
{
"category": "external",
"summary": "RHBZ#908234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1620",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1620"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
}
],
"release_date": "2013-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-08-05T15:46:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.src",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.src",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1135"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.src",
"5Server-5.9.Z:nspr-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-debuginfo-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.i386",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ia64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.ppc64",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.s390x",
"5Server-5.9.Z:nspr-devel-0:4.9.5-1.el5_9.x86_64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.src",
"5Server-5.9.Z:nss-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-debuginfo-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.ppc64",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-pkcs11-devel-0:3.14.3-6.el5_9.x86_64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.i386",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ia64",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.ppc",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.s390x",
"5Server-5.9.Z:nss-tools-0:3.14.3-6.el5_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nss: TLS CBC padding timing attack"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.