nss-3.19.1-3.AXS4, nss-util-3.19.1-1.AXS4
エラータID: AXSA:2015-196:01
リリース日:
2015/07/21 Tuesday - 18:10
題名:
nss-3.19.1-3.AXS4, nss-util-3.19.1-1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- TLS プロトコル 1.2 以前では,DHE_EXPORT 暗号スイートがサーバ側で有効であり,しかしクライアント側では有効になっていない場合,DHE_EXPORT の選択を適切に伝えていませんでした。このことにより,攻撃者が暗号ダウングレード攻撃を行う脆弱性があります。
この中間者攻撃は,ClientHello メッセージで指定する暗号アルゴリズムを,DHE から DHE_EXPORT を持つ ServerHello を置き換える攻撃となります。(CVE-2015-4000)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2015-4000
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
追加情報:
N/A
ダウンロード:
SRPMS
- nss-util-3.19.1-1.AXS4.src.rpm
MD5: f8369e1c4e72104eeb168abeee39e3cc
SHA-256: 0d9c9f86817217e9060a6d9c42a4d350347d2d3eb3f1fa5a2bf23cb6d40b1416
Size: 730.23 kB - nss-3.19.1-3.AXS4.src.rpm
MD5: 04f0428470ae211c5d4d484235f57966
SHA-256: 7f50f9b9d709abb50b98ee05940a6b214d0880e7c88a95a4ef651488dfb631cb
Size: 5.35 MB
Asianux Server 4 for x86
- nss-util-3.19.1-1.AXS4.i686.rpm
MD5: 61b77aeba67481f063035ac83c620dd2
SHA-256: 64f58669ec3e75468c9167b53a7ee5f60d99f7ea6372001f7e9f207f2f969d43
Size: 65.23 kB - nss-util-devel-3.19.1-1.AXS4.i686.rpm
MD5: 6b359a756bcd090b9f610a0ce24a9d98
SHA-256: 54e8b49986072a24e350c8cc6540e3025bc2d7fccd62108e6dc4d9e72fe43970
Size: 67.48 kB - nss-3.19.1-3.AXS4.i686.rpm
MD5: 9b7183669809993c1708ab9572ff8f01
SHA-256: 09c67b516667bdc18f24f614aee62908e4ddd2acff09ab690fce9fe77860effb
Size: 859.58 kB - nss-devel-3.19.1-3.AXS4.i686.rpm
MD5: ecc89a6ff175661192c67f59b3cdee72
SHA-256: 86512a7fdc6de75c474a5fc1d6fbf565e02f02e27e90cb829fcaa0a3e97b3227
Size: 201.98 kB - nss-sysinit-3.19.1-3.AXS4.i686.rpm
MD5: a4bb002aae46a334213f3e8001a22747
SHA-256: 57dd892a649f3e69e0a50fbc3468a08f27d7229394fd7e0eccc6d10f6e48d557
Size: 45.18 kB - nss-tools-3.19.1-3.AXS4.i686.rpm
MD5: a8dde4cae89f4c6491677681224bc708
SHA-256: f698d5b713beb42ae3d144bdeaf9565f949abaa97296ef2b569de139abd279f2
Size: 441.36 kB
Asianux Server 4 for x86_64
- nss-util-3.19.1-1.AXS4.x86_64.rpm
MD5: 9aeb0d5043bbeca6679e6b5c5fc946b3
SHA-256: 8960a7ad2556d02c4832464ae5a8995798bb8cdd5c79ce294c4e643adf3153db
Size: 65.16 kB - nss-util-devel-3.19.1-1.AXS4.x86_64.rpm
MD5: d112b44d5aa2a08758e20602cce88dc7
SHA-256: aa190f5ed5aa376484a4059b5e6790ffdc46e3bb7d97e85af435062f1bddf89c
Size: 67.05 kB - nss-util-3.19.1-1.AXS4.i686.rpm
MD5: 61b77aeba67481f063035ac83c620dd2
SHA-256: 64f58669ec3e75468c9167b53a7ee5f60d99f7ea6372001f7e9f207f2f969d43
Size: 65.23 kB - nss-util-devel-3.19.1-1.AXS4.i686.rpm
MD5: 6b359a756bcd090b9f610a0ce24a9d98
SHA-256: 54e8b49986072a24e350c8cc6540e3025bc2d7fccd62108e6dc4d9e72fe43970
Size: 67.48 kB - nss-3.19.1-3.AXS4.x86_64.rpm
MD5: aa9aa4de6d844fd855e1f38fa1615c72
SHA-256: d44ac50e7deba120aa5a86ae2cabdca5a40e2897f46a9c56482fa24d5cdf4019
Size: 855.55 kB - nss-devel-3.19.1-3.AXS4.x86_64.rpm
MD5: 198effa786d54589cfcc14becc5e3309
SHA-256: 6cb383929e4e488e8af5b90538b8898720949e01434d13acfe2b6b55588ab3a9
Size: 200.09 kB - nss-sysinit-3.19.1-3.AXS4.x86_64.rpm
MD5: 6176ce2d987a724c3a262091e2e404cb
SHA-256: 351e5f280a8f5e3b644966dfefabf0c4e4cac852c35fc08b91e28aca16bbd888
Size: 44.80 kB - nss-tools-3.19.1-3.AXS4.x86_64.rpm
MD5: 5bea81a0de4571978199cf676ccf3ca0
SHA-256: e66c15f94abadc75adf5ee008dff96a6e777f18afbf1f26cf47e008cdd2328f0
Size: 432.38 kB - nss-3.19.1-3.AXS4.i686.rpm
MD5: 9b7183669809993c1708ab9572ff8f01
SHA-256: 09c67b516667bdc18f24f614aee62908e4ddd2acff09ab690fce9fe77860effb
Size: 859.58 kB - nss-devel-3.19.1-3.AXS4.i686.rpm
MD5: ecc89a6ff175661192c67f59b3cdee72
SHA-256: 86512a7fdc6de75c474a5fc1d6fbf565e02f02e27e90cb829fcaa0a3e97b3227
Size: 201.98 kB