September 15, 2009

Mandriva Linux Security Advisory 2009:197-2: nss

Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate (CVE-2009-2404).

This update provides the latest versions of NSS and NSPR libraries which are not vulnerable to those attacks.


This update also provides fixed packages for Mandriva Linux 2008.1 and fixes mozilla-thunderbird error messages...

Read More

Click Here!