mod_nss-1.0.8-8.AXS3
エラータID: AXSA:2014-238:01
Release date:
Thursday, April 10, 2014 - 18:57
Subject:
mod_nss-1.0.8-8.AXS3
Affected Channels:
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity:
High
Description:
The mod_nss module provides strong cryptography for the Apache Web server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols using the Network Security Services (NSS) security library.
Security issues fixed with this release:
• CVE-2013-4566
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.
Solution:
Update packages.
CVEs:
CVE-2013-4566
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to bypass intended access restrictions.
Additional Info:
N/A
Download:
SRPMS
- mod_nss-1.0.8-8.AXS3.src.rpm
MD5: 60d441bb5bf9353fc95b3e423b9dde16
SHA-256: 15c1b8bf79cb8e086fb503f38651da5f8189c15b744c3ffae215084c5b4dda61
Size: 414.38 kB
Asianux Server 3 for x86
- mod_nss-1.0.8-8.AXS3.i386.rpm
MD5: 454bd37459856eac595d48d2ba079e66
SHA-256: b767d698d2d58ac93e9312162ab2f9b6e6abddaf0774859ef555cd8cf53cbc2d
Size: 88.49 kB
Asianux Server 3 for x86_64
- mod_nss-1.0.8-8.AXS3.x86_64.rpm
MD5: c597065e467a38dde112533e718931fa
SHA-256: d32cc5d4a072b0c4451dac16d0e8f32b0b43fb32afca9bec89054d18c82e8ccb
Size: 90.04 kB
日本語