Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64
Critical Nessus Plugin ID 76701
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544)
After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
SolutionUpdate the affected packages.