SuSE 10 Security Update : Mozilla NSS (ZYPP Patch Number 7746)

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

This update updates Mozilla NSS to 3.12.11.

The update marks the compromised DigiNotar Certificate Authority as
untrusted

For more information read: MFSA 2011-34

- update to 3.12.10 o root CA changes o filter certain
bogus certs (bmo#642815) o fix minor memory leaks o
other bugfixes

- update to 3.12.9 o fix minor memory leaks (bmo#619268) o
fix crash in nss_cms_decoder_work_data (bmo#607058) o
fix crash in certutil (bmo#620908) o handle invalid
argument in JPAKE (bmo#609068) o J-PAKE support (API
requirement for Firefox >= 4.0b8)

- replaced expired PayPal test certificate (fixing
testsuite)

- removed DigiNotar root certifiate from trusted db
(bmo#682927) This update also brings the prerequired
Mozilla NSPR to version 4.8.9. - update to 4.8.9 -
update to 4.8.8 * support IPv6 on Android (bmo#626866) *
use AI_ADDRCONFIG for loopback hostnames (bmo#614526) *
support SDP sockets (bmo#518078) * support m32r
architecture (bmo#635667) * use atomic functions on ARM
(bmo#626309) * some other fixes not affecting the Linux
platform

See also :

http://www.mozilla.org/security/announce/2011/mfsa2011-34.html

Solution :

Apply ZYPP patch number 7746.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 57232 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now