nspr-4.9.1-2.AXS4, nss-util-3.13.5-1.AXS4, nss-3.13.5-1.0.1.AXS4
エラータID: AXSA:2012-848:04
リリース日:
2012/09/12 Wednesday - 11:26
題名:
nspr-4.9.1-2.AXS4, nss-util-3.13.5-1.AXS4, nss-3.13.5-1.0.1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- NSS の QuickDER デコーダの ASN.1 デコーダには (1) 長さが 0 の basic constraint あるいは (2) OCSP レスポンスの長さが 0 のフィールドによって,リモートの攻撃者がサービス拒否 (アプリケーションのクラッシュ) を引き起こす脆弱性があります。(CVE-2012-0441)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2012-0441
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
追加情報:
N/A
ダウンロード:
SRPMS
- nspr-4.9.1-2.AXS4.src.rpm
MD5: 4c3f33ae67be85a464dc9e651653fe2f
SHA-256: 11caa684630687096bfcf640dae6970373f4f8dfae578a259a0c8c1726b5adc7
Size: 878.00 kB - nss-util-3.13.5-1.AXS4.src.rpm
MD5: 6ddca8b28e31ee1bfc096a7139554ed2
SHA-256: 23bf4a98651561e41bdce8bceeb318ead82ddebd492bd614f22e5332fffc2c37
Size: 282.42 kB - nss-3.13.5-1.0.1.AXS4.src.rpm
MD5: 3daf08a39b378398ed84b222fd36ca9f
SHA-256: a142176934d6f25744317a72e7bc0a26cc708f1eb2b6bbb224ea29ebe1ddbad2
Size: 4.37 MB
Asianux Server 4 for x86
- nspr-4.9.1-2.AXS4.i686.rpm
MD5: 8aed9eac07474af0b2a42f0afe00efec
SHA-256: 77106b0725037ca959b98e8e098d696067e61aa8ecdeed23383fc8364396e52b
Size: 113.05 kB - nspr-devel-4.9.1-2.AXS4.i686.rpm
MD5: 8fe499d90c404b90028e76982ed9a0d9
SHA-256: fcba3e8cc3614b1f61d4fff2fb45d1bf5920c2621a9e241159aea5aa0f8c6a99
Size: 107.62 kB - nss-util-3.13.5-1.AXS4.i686.rpm
MD5: 88a8c12c3ee88e914589283a87bc0889
SHA-256: d1ab28c50a7e0a875aa68f81ddfa47ee84a257af06ec9eeb6ed2d19c4b558609
Size: 51.41 kB - nss-util-devel-3.13.5-1.AXS4.i686.rpm
MD5: 2071260c2b7c95025adba0535e37032b
SHA-256: 59a0f8e9251c0f18c2cc2662813748f848fa2a7b4e5bfbe48c27bbca10593342
Size: 60.50 kB - nss-3.13.5-1.0.1.AXS4.i686.rpm
MD5: 2db65ed558055198a6d900cec69f6378
SHA-256: 5af3ce9e28882541bf29fc585a0e05eb5e02bf4095c8ba7bc8f6d83ccc79d00e
Size: 766.53 kB - nss-devel-3.13.5-1.0.1.AXS4.i686.rpm
MD5: c00b6c5971db4628ecbf867479f2593f
SHA-256: 0ee50b5863de0474adb609c400f0114ed3e522a6c25435521e252d972c96e17f
Size: 174.14 kB - nss-sysinit-3.13.5-1.0.1.AXS4.i686.rpm
MD5: 48a9633ed7728b5d264dfb1fc7f2f02e
SHA-256: ee7bdb97b4e9777fef388948b41d1b6d39b0186f319d573f470ff753b4404984
Size: 31.52 kB - nss-tools-3.13.5-1.0.1.AXS4.i686.rpm
MD5: d03c654195a6700b98a8feb37e162ffb
SHA-256: 13245fdb7b60e0eb269d6ebe344f78733cb01b5cf96618e95b115290593555f5
Size: 746.40 kB
Asianux Server 4 for x86_64
- nspr-4.9.1-2.AXS4.x86_64.rpm
MD5: a9e89feabdaff3d7864f0bd011f781c9
SHA-256: f541b8ce4c53fa5d6e08eebf1bc1bc117ae218444593e83b84ef5a6d6356e82a
Size: 109.96 kB - nspr-devel-4.9.1-2.AXS4.x86_64.rpm
MD5: f60c6f308326493307f9ec7a9cfcae45
SHA-256: 98f3c5521e08f3478047ae28174ee67a4878727498803f1ee19c38a6c8daefce
Size: 107.23 kB - nspr-4.9.1-2.AXS4.i686.rpm
MD5: 8aed9eac07474af0b2a42f0afe00efec
SHA-256: 77106b0725037ca959b98e8e098d696067e61aa8ecdeed23383fc8364396e52b
Size: 113.05 kB - nspr-devel-4.9.1-2.AXS4.i686.rpm
MD5: 8fe499d90c404b90028e76982ed9a0d9
SHA-256: fcba3e8cc3614b1f61d4fff2fb45d1bf5920c2621a9e241159aea5aa0f8c6a99
Size: 107.62 kB - nss-util-3.13.5-1.AXS4.x86_64.rpm
MD5: 16211d037d593f0b6e294fa5c7aa7632
SHA-256: 4b8cb2fb70ed3b7ca19f370cf3720ea4db3ca645ca8aa729ccddc3da792bb29c
Size: 51.85 kB - nss-util-devel-3.13.5-1.AXS4.x86_64.rpm
MD5: 044d6ff51e06ac8ae3706e234f1b3c60
SHA-256: 50eadf56bb5b4a253133015e9aeee74cd5c8d07d5a26fe4a056cacc72063aab2
Size: 60.05 kB - nss-util-3.13.5-1.AXS4.i686.rpm
MD5: 88a8c12c3ee88e914589283a87bc0889
SHA-256: d1ab28c50a7e0a875aa68f81ddfa47ee84a257af06ec9eeb6ed2d19c4b558609
Size: 51.41 kB - nss-util-devel-3.13.5-1.AXS4.i686.rpm
MD5: 2071260c2b7c95025adba0535e37032b
SHA-256: 59a0f8e9251c0f18c2cc2662813748f848fa2a7b4e5bfbe48c27bbca10593342
Size: 60.50 kB - nss-3.13.5-1.0.1.AXS4.x86_64.rpm
MD5: ffce4d29b6eefcebf98d062ca4f1d840
SHA-256: 4e340e13d78511a1089bb734f6cef5983963711fd22b58bacc8564fca0d61ee3
Size: 762.13 kB - nss-devel-3.13.5-1.0.1.AXS4.x86_64.rpm
MD5: 07fba03c4660a101112a3597d38ae4f3
SHA-256: d442ece23e8142f94be26412de563c5ba4f308d501dc4ca7583f376995898a3a
Size: 172.33 kB - nss-sysinit-3.13.5-1.0.1.AXS4.x86_64.rpm
MD5: f226f6917d750c956c831a197d986225
SHA-256: 419dbdd0b9b1c5439062e9d46e4bd98c6f7591f23c6cf11e065a7af91860f70c
Size: 31.27 kB - nss-tools-3.13.5-1.0.1.AXS4.x86_64.rpm
MD5: 282f5d9a87d47031e871c11c22aabbf1
SHA-256: 083af9b7bcc952fde4f02a804a510e0049259c9d46baa9b31d5d8c7afe87e860
Size: 728.75 kB - nss-3.13.5-1.0.1.AXS4.i686.rpm
MD5: 2db65ed558055198a6d900cec69f6378
SHA-256: 5af3ce9e28882541bf29fc585a0e05eb5e02bf4095c8ba7bc8f6d83ccc79d00e
Size: 766.53 kB - nss-devel-3.13.5-1.0.1.AXS4.i686.rpm
MD5: c00b6c5971db4628ecbf867479f2593f
SHA-256: 0ee50b5863de0474adb609c400f0114ed3e522a6c25435521e252d972c96e17f
Size: 174.14 kB