Bug 17069

Summary: apache-mod_nss new security issue CVE-2015-3277
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Thomas Spuhler <thomas>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/662787/
Whiteboard:
Source RPM: apache-mod_nss-1.0.11-6.mga6.src.rpm CVE:
Status comment:

Description David Walser 2015-11-02 21:12:28 CET 
Fedora has issued an advisory on November 1:
https://lists.fedoraproject.org/pipermail/package-announce/2015-November/170607.html

The version in Mageia 5 is not affected.

Reproducible: 

Steps to Reproduce:
David Walser 2015-11-02 21:13:18 CET

Version: 5 => Cauldron

Thomas Spuhler 2015-11-04 00:25:24 CET

Status: NEW => ASSIGNED

Comment 1 Thomas Spuhler 2015-11-09 19:44:21 CET 
fixed by upgrading to vers. 1.0.12

Status: ASSIGNED => RESOLVED
Hardware: i586 => All
Resolution: (none) => FIXED

Comment 2 David Walser 2016-01-11 21:28:41 CET 
Fedora has issued an advisory on January 8:
https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html

This one is CVE-2015-5244:
http://lwn.net/Vulnerabilities/671464/

This was also fixed in 1.0.12 and did not affect the version in Mageia 5.