Paketname
nspr
Datum
2014-06-13
Advisory ID
MDVSA-2014:125
Betroffene Versionen
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problembeschreibung

A vulnerability has been discovered and corrected in nspr:

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote
attackers to execute arbitrary code or cause a denial of service
(out-of-bounds write) via vectors involving the sprintf and console
functions (CVE-2014-1545).

The updated nspr packages have been upgraded to the 4.10.6 version
which is unaffected by this issue.

Additionally:

* The rootcerts package have been upgraded to the latest version as
of 2014-04-01.

* The nss packages have been upgraded to the latest 3.16.1 version
which resolves various bugs.

* The sqlite3 packages have been upgraded to the 3.7.17 version for
mbs1 due to an prerequisite to nss-3.16.1.

Aktualisierte Pakete

MES5 i586

 871b7828588ddba14fe5a3fa63353872  mes5/i586/libnspr4-4.10.6-0.1mdvmes5.2.i586.rpm
 a2c0b64bc6cd6e64aacf08e403c904be  mes5/i586/libnspr-devel-4.10.6-0.1mdvmes5.2.i586.rpm
 7e5de8bd72b992637677b8f0e785cd70  mes5/i586/libnss3-3.16.1-0.1mdvmes5.2.i586.rpm
 59a76907525859e8c5abb08af67db573  mes5/i586/libnss-devel-3.16.1-0.1mdvmes5.2.i586.rpm
 ca78336fa128083dafc47d99a5327d4f  mes5/i586/libnss-static-devel-3.16.1-0.1mdvmes5.2.i586.rpm
 aa17566d41af3c754cd33c51408542e8  mes5/i586/nss-3.16.1-0.1mdvmes5.2.i586.rpm
 8fc865c9d74bb3acb6c39e780c555388  mes5/i586/nss-doc-3.16.1-0.1mdvmes5.2.i586.rpm
 2622f5d0951a9e82726f18ac0c870797  mes5/i586/rootcerts-20140401.00-1mdvmes5.2.i586.rpm
 a452214d3dbdd48f67e51a0f60d9a0d1  mes5/i586/rootcerts-java-20140401.00-1mdvmes5.2.i586.rpm 
 2e37cefc0d57e66c496117eef3f8b64e  mes5/SRPMS/nspr-4.10.6-0.1mdvmes5.2.src.rpm
 d81f1303fee6dda1d9931194434a72cd  mes5/SRPMS/nss-3.16.1-0.1mdvmes5.2.src.rpm
 1693219abe0845f4b277b5ce0af65864  mes5/SRPMS/rootcerts-20140401.00-1mdvmes5.2.src.rpm

MBS1 x86_64

 971ca03b751a5b3e6d3afefdc8ebf02b  mbs1/x86_64/lemon-3.7.17-1.mbs1.x86_64.rpm
 a217173e1ad73f0e3fa53e3fa6f64846  mbs1/x86_64/lib64nspr4-4.10.6-1.mbs1.x86_64.rpm
 e2ec066d21ebcbf33610694b484a8dc5  mbs1/x86_64/lib64nspr-devel-4.10.6-1.mbs1.x86_64.rpm
 b72f56cea5af20b689605f8608bd4e43  mbs1/x86_64/lib64nss3-3.16.1-1.mbs1.x86_64.rpm
 d88bf2c9244bae5bf3eae084d59b2603  mbs1/x86_64/lib64nss-devel-3.16.1-1.mbs1.x86_64.rpm
 b0962cfd80a4b2ca46dab9daa6f6a7e0  mbs1/x86_64/lib64nss-static-devel-3.16.1-1.mbs1.x86_64.rpm
 0b334598f4f234861b4fbfb6f42467ec  mbs1/x86_64/lib64sqlite3_0-3.7.17-1.mbs1.x86_64.rpm
 55b279bec9fc53e46212df18367cdea6  mbs1/x86_64/lib64sqlite3-devel-3.7.17-1.mbs1.x86_64.rpm
 b21fb9c68187079fb0a14f2d7a5874f2  mbs1/x86_64/lib64sqlite3-static-devel-3.7.17-1.mbs1.x86_64.rpm
 725ad41fdbc1c547f2c1283c1c855f1a  mbs1/x86_64/nss-3.16.1-1.mbs1.x86_64.rpm
 45838333e5000ae1064c93697b67d110  mbs1/x86_64/nss-doc-3.16.1-1.mbs1.noarch.rpm
 ef3993eb75903e2da63133926a05bb93  mbs1/x86_64/rootcerts-20140401.00-1.mbs1.x86_64.rpm
 8ac879f760d140f51fa7a7b924530d94  mbs1/x86_64/rootcerts-java-20140401.00-1.mbs1.x86_64.rpm
 fac1dec8bb96d10acc8562afa5836943  mbs1/x86_64/sqlite3-tcl-3.7.17-1.mbs1.x86_64.rpm
 f78b319fc6f6e236c41bb6236f227afe  mbs1/x86_64/sqlite3-tools-3.7.17-1.mbs1.x86_64.rpm 
 65bf32ce4c4bcf079599cd8a87048e22  mbs1/SRPMS/nspr-4.10.6-1.mbs1.src.rpm
 5d15ba18cb5a6ce74922f332aff834dc  mbs1/SRPMS/nss-3.16.1-1.mbs1.src.rpm
 d38697d45661b225754d9cabbb314e3d  mbs1/SRPMS/rootcerts-20140401.00-1.mbs1.src.rpm
 d0f6f79de5b2fc80fdb420c8131dd73e  mbs1/SRPMS/sqlite3-3.7.17-1.mbs1.src.rpm

MES5 x86_64

 fefb6ed175ff09964d4289dd2e35e4e2  mes5/x86_64/lib64nspr4-4.10.6-0.1mdvmes5.2.x86_64.rpm
 a742bdf485719a4241232ead1aa58d79  mes5/x86_64/lib64nspr-devel-4.10.6-0.1mdvmes5.2.x86_64.rpm
 e6c55cec0b0c593eed088947cedeafcc  mes5/x86_64/lib64nss3-3.16.1-0.1mdvmes5.2.x86_64.rpm
 e4d27cd845a04e8f20ade562131166bb  mes5/x86_64/lib64nss-devel-3.16.1-0.1mdvmes5.2.x86_64.rpm
 6aa535f37bb44453f2ffb9e2c6300866  mes5/x86_64/lib64nss-static-devel-3.16.1-0.1mdvmes5.2.x86_64.rpm
 85881c197e866031457d0c5e838c7130  mes5/x86_64/nss-3.16.1-0.1mdvmes5.2.x86_64.rpm
 daf3b5119cb885652bed0daf79a3b843  mes5/x86_64/nss-doc-3.16.1-0.1mdvmes5.2.x86_64.rpm
 22bcfc38fe4353ab329be15779ccbc4f  mes5/x86_64/rootcerts-20140401.00-1mdvmes5.2.x86_64.rpm
 7f53efea4b3bb272b1bd282aecbbe189  mes5/x86_64/rootcerts-java-20140401.00-1mdvmes5.2.x86_64.rpm 
 2e37cefc0d57e66c496117eef3f8b64e  mes5/SRPMS/nspr-4.10.6-0.1mdvmes5.2.src.rpm
 d81f1303fee6dda1d9931194434a72cd  mes5/SRPMS/nss-3.16.1-0.1mdvmes5.2.src.rpm
 1693219abe0845f4b277b5ce0af65864  mes5/SRPMS/rootcerts-20140401.00-1mdvmes5.2.src.rpm

Referenzen