1. 내용
- NSS가 DHE(Diffie-Hellman key exchange)와 ECDHE(Elliptic Curve Diffie-Hellman key exchange)의 핸드세이크 메시지 취급 과정의 use-after-free 결함 수정
- NSS가 DER(Distinguished Encoding Rules) 키 인코딩 진행과정의 use-after-free 결함 수정
2. 업데이트 방법
yum update nss
yum update nss-util
yum update nspr
3. 관련 패키지
ia-32
nss-3.21.0-0.3.el6_7.i686.rpm
nss-tools-3.21.0-0.3.el6_7.i686.rpm
nss-devel-3.21.0-0.3.el6_7.i686.rpm
nss-sysinit-3.21.0-0.3.el6_7.i686.rpm
nss-pkcs11-devel-3.21.0-0.3.el6_7.i686.rpm
nss-util-3.21.0-0.3.el6_7.i686.rpm
nss-util-devel-3.21.0-0.3.el6_7.i686.rpm
nspr-4.11.0-0.1.el6_7.i686.rpm
nspr-devel-4.11.0-0.1.el6_7.i686.rpm
x86_64
nss-3.21.0-0.3.el6_7.x86_64.rpm
nss-tools-3.21.0-0.3.el6_7.x86_64.rpm
nss-pkcs11-devel-3.21.0-0.3.el6_7.x86_64.rpm
nss-devel-3.21.0-0.3.el6_7.x86_64.rpm
nss-sysinit-3.21.0-0.3.el6_7.x86_64.rpm
nss-util-3.21.0-0.3.el6_7.x86_64.rpm
nss-util-devel-3.21.0-0.3.el6_7.x86_64.rpm
nspr-4.11.0-0.1.el6_7.x86_64.rpm
nspr-devel-4.11.0-0.1.el6_7.x86_64.rpm
4. CVE ID (공통취약성표준, http://cve.mitre.org)
CVE-2016-1978
CVE-2016-1979