NSS versions 3.14.5 and 3.15.3 were released, documenting the following security fix: * (CVE-2013-5605) Handle invalid handshake packets Release notes refer to this currently non-public upstream bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=934016 Upstream patch: https://hg.mozilla.org/projects/nss/rev/e79a09364b5e Release notes: https://developer.mozilla.org/en-US/docs/NSS/NSS_3.14.5_release_notes https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.3_release_notes
Created nss tracking bugs for this issue: Affects: fedora-all [bug 1031897]
Reference: http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2013:1791 https://rhn.redhat.com/errata/RHSA-2013-1791.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1829 https://rhn.redhat.com/errata/RHSA-2013-1829.html
nss-3.15.3-2.fc20, nss-softokn-3.15.3-1.fc20, nss-util-3.15.3-1.fc20, nspr-4.10.2-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
nss-util-3.15.3-1.fc19, nss-softokn-3.15.3-1.fc19, nss-3.15.3-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 5.9 EUS - Server Only Red Hat Enterprise Linux 5.6 EUS - Server Only Red Hat Enterprise Linux 5.3 Long Life Via RHSA-2013:1841 https://rhn.redhat.com/errata/RHSA-2013-1841.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only Red Hat Enterprise Linux 6.4 EUS - Server and Compute Node Only Via RHSA-2013:1840 https://rhn.redhat.com/errata/RHSA-2013-1840.html
nss-3.15.3-1.fc18, nss-softokn-3.15.3-1.fc18, nss-util-3.15.3-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: RHEV-H and Agents for RHEL-6 Via RHSA-2014:0041 https://rhn.redhat.com/errata/RHSA-2014-0041.html