Scientific Linux Security Update : mod_nss on SL7.x x86_64
Medium Nessus Plugin ID 95848
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionThe following packages have been upgraded to a newer upstream version:
Security Fix(es) :
- A flaw was found in the way mod_nss parsed certain OpenSSL-style cipher strings. As a result, mod_nss could potentially use ciphers that were not intended to be enabled. (CVE-2016-3099)
This issue was discovered by Rob Crittenden (Red Hat).
Additional Changes :
SolutionUpdate the affected mod_nss and / or mod_nss-debuginfo packages.