Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Mandriva: nss

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Mandriva: nss
# 1  
Old 12-03-2009
Mandriva: nss
LinuxSecurity.com: Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate (CVE-2009-2404). This update provides the latest versions of NSS and NSPR libraries which are not vulnerable to those attacks. Update: Packages for 2008.0 are being provided due to extended support for Corporate products.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Programming

nss compile on solaris 10

so I am trying to build "directory server 389" on solaris 10. I am using this as i guide: 389 Directory Server (Open Source LDAP) I am using solaria studio as my compiler. I built NSPR with no issues. the problem is NSS (Network Security Services) I simply can't find instruction... (0 Replies)
Discussion started by: robsonde
0 Replies

2. UNIX for Advanced & Expert Users

NSS - LDAP ---> su: Unknown id:

Hello Experts, I am facing a problem with ldap account, Some systems account running properly, but some systems it returns as "su: Unknown id: username". Please let me know how to start troubleshooting the same. Thanks in Advance. Reagrds, Awadhesh (1 Reply)
Discussion started by: Awadhesh
1 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

x509

x509(3openssl)							      OpenSSL							    x509(3openssl)

NAME

       x509 - X.509 certificate handling

SYNOPSIS

	#include <openssl/x509.h>

DESCRIPTION

       A X.509 certificate is a structured grouping of information about an individual, a device, or anything one can imagine.	A X.509 CRL (cer-
       tificate revocation list) is a tool to help determine if a certificate is still valid.  The exact definition of those can be found in the
       X.509 document from ITU-T, or in RFC3280 from PKIX.  In OpenSSL, the type X509 is used to express such a certificate, and the type X509_CRL
       is used to express a CRL.

       A related structure is a certificate request, defined in PKCS#10 from RSA Security, Inc, also reflected in RFC2896.  In OpenSSL, the type
       X509_REQ is used to express such a certificate request.

       To handle some complex parts of a certificate, there are the types X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express a
       certificate attributes), X509_EXTENSION (to express a certificate extension) and a few more.

       Finally, there's the supertype X509_INFO, which can contain a CRL, a certificate and a corresponding private key.

       X509_..., d2i_X509_... and i2d_X509_... handle X.509 certificates, with some exceptions, shown below.

       X509_CRL_..., d2i_X509_CRL_... and i2d_X509_CRL_...  handle X.509 CRLs.

       X509_REQ_..., d2i_X509_REQ_... and i2d_X509_REQ_...  handle PKCS#10 certificate requests.

       X509_NAME_... handle certificate names.

       X509_ATTRIBUTE_... handle certificate attributes.

       X509_EXTENSION_... handle certificate extensions.

SEE ALSO

       X509_NAME_ENTRY_get_object(3), X509_NAME_add_entry_by_txt(3), X509_NAME_add_entry_by_NID(3), X509_NAME_print_ex(3), X509_NAME_new(3),
       d2i_X509(3), d2i_X509_ALGOR(3), d2i_X509_CRL(3), d2i_X509_NAME(3), d2i_X509_REQ(3), d2i_X509_SIG(3), crypto(3), x509v3(3)

OpenSSL-0.9.8							    Oct 11 2005 						    x509(3openssl)