17069 – apache-mod_nss new security issue CVE-2015-3277

Bug 17069 - apache-mod_nss new security issue CVE-2015-3277

Summary: apache-mod_nss new security issue CVE-2015-3277

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	Thomas Spuhler
QA Contact:	Sec team

URL:	http://lwn.net/Vulnerabilities/662787/
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-11-02 21:12 CET by David Walser
Modified:	2016-01-11 21:28 CET (History)
CC List:	0 users

See Also:
Source RPM:	apache-mod_nss-1.0.11-6.mga6.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2015-11-02 21:12:28 CET

Fedora has issued an advisory on November 1:
https://lists.fedoraproject.org/pipermail/package-announce/2015-November/170607.html

The version in Mageia 5 is not affected.

Reproducible: 

Steps to Reproduce:

David Walser 2015-11-02 21:13:18 CET

Version: 5 => Cauldron

Thomas Spuhler 2015-11-04 00:25:24 CET

Status: NEW => ASSIGNED

Comment 1 Thomas Spuhler 2015-11-09 19:44:21 CET

fixed by upgrading to vers. 1.0.12

Status: ASSIGNED => RESOLVED
Hardware: i586 => All
Resolution: (none) => FIXED

Comment 2 David Walser 2016-01-11 21:28:41 CET

Fedora has issued an advisory on January 8:
https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html

This one is CVE-2015-5244:
http://lwn.net/Vulnerabilities/671464/

This was also fixed in 1.0.12 and did not affect the version in Mageia 5.

Note You need to log in before you can comment on or make changes to this bug.