Lucene search
RedHatRHSA-2016:2602HistoryNov 03, 2016 - 6:07 a.m.
(RHSA-2016:2602) Low: mod_nss security, bug fix, and enhancement update
2016-11-0306:07:16
access.redhat.com
16
0.005 Low
EPSS
Percentile
76.1%
The mod_nss module provides strong cryptography for the Apache HTTP Server via the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, using the Network Security Services (NSS) security library.
The following packages have been upgraded to a newer upstream version: mod_nss (1.0.14). (BZ#1299063)
Security Fix(es):
- A flaw was found in the way mod_nss parsed certain OpenSSL-style cipher strings. As a result, mod_nss could potentially use ciphers that were not intended to be enabled. (CVE-2016-3099)
This issue was discovered by Rob Crittenden (Red Hat).
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | ppc64 | mod_nss-debuginfo | < 1.0.14-7.el7 | mod_nss-debuginfo-1.0.14-7.el7.ppc64.rpm |
| RedHat | 7 | ppc64le | mod_nss | < 1.0.14-7.el7 | mod_nss-1.0.14-7.el7.ppc64le.rpm |
| RedHat | 7 | aarch64 | mod_nss | < 1.0.14-7.el7 | mod_nss-1.0.14-7.el7.aarch64.rpm |
| RedHat | 7 | x86_64 | mod_nss | < 1.0.14-7.el7 | mod_nss-1.0.14-7.el7.x86_64.rpm |
| RedHat | 7 | ppc64 | mod_nss | < 1.0.14-7.el7 | mod_nss-1.0.14-7.el7.ppc64.rpm |
| RedHat | 7 | s390x | mod_nss-debuginfo | < 1.0.14-7.el7 | mod_nss-debuginfo-1.0.14-7.el7.s390x.rpm |
| RedHat | 7 | s390x | mod_nss | < 1.0.14-7.el7 | mod_nss-1.0.14-7.el7.s390x.rpm |
| RedHat | 7 | aarch64 | mod_nss-debuginfo | < 1.0.14-7.el7 | mod_nss-debuginfo-1.0.14-7.el7.aarch64.rpm |
| RedHat | 7 | x86_64 | mod_nss-debuginfo | < 1.0.14-7.el7 | mod_nss-debuginfo-1.0.14-7.el7.x86_64.rpm |
| RedHat | 7 | ppc64le | mod_nss-debuginfo | < 1.0.14-7.el7 | mod_nss-debuginfo-1.0.14-7.el7.ppc64le.rpm |
Related
nessus
nessus
Fedora 23 : mod_nss-1.0.12-3.fc23 (2016-8b28358b72)
2016-04-27 00:00:00
RHEL 5 : mod_nss (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 6 : mod_nss (Unpatched Vulnerability)
2024-06-03 00:00:00
cve
cve
CVE-2016-3099
2017-06-08 19:29:00
openvas
openvas
Fedora Update for mod_nss FEDORA-2016-1
2016-05-08 00:00:00
Fedora Update for mod_nss FEDORA-2016-8
2016-04-26 00:00:00
RedHat Update for mod_nss RHSA-2016:2602-02
2016-11-04 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: mod_nss-1.0.12-3.fc23
2016-04-25 23:57:19
[SECURITY] Fedora 24 Update: mod_nss-1.0.12-4.fc24
2016-05-07 13:44:15
[SECURITY] Fedora 22 Update: mod_nss-1.0.11-7.fc22
2016-04-25 22:22:52
centos
centos
mod_nss security update
2016-11-25 16:00:20
mageia
mageia
Updated apache-mod_nss packages fix CVE-2016-3099
2016-05-22 01:11:24
veracode
veracode
Unintended Cipher
2020-12-06 04:49:47
amazon
amazon
Low: mod24_nss
2016-06-15 13:30:00
debiancve
debiancve
CVE-2016-3099
2017-06-08 19:29:00
prion
prion
Code injection
2017-06-08 19:29:00
ubuntucve
ubuntucve
CVE-2016-3099
2017-06-08 00:00:00
oraclelinux
oraclelinux
mod_nss security, bug fix, and enhancement update
2016-11-09 00:00:00
nvd
nvd
CVE-2016-3099
2017-06-08 19:29:00
cvelist
cvelist
CVE-2016-3099
2017-06-08 19:00:00