Updated nss packages that fix one security issue are now available forRed Hat Enterprise Linux 5.Red Hat Product Security has rated this update as having Critical securityimpact.

A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.
Network Security Services (NSS) is a set of libraries designed to supportthe cross-platform development of security-enabled client and serverapplications.A heap-based buffer overflow flaw was found in the way NSS parsed certainASN.1 structures.

An attacker could use this flaw to create a speciallycrafted certificate which, when parsed by NSS, could cause it to crash, orexecute arbitrary code, using the permissions of the user running anapplication compiled against the NSS library. (CVE-2016-1950)Red Hat would like to thank the Mozilla project for reporting this issue.Upstream acknowledges Francis Gabriel as the original reporter.All nss users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue.

For the update to takeeffect, all applications linked to the nss library must be restarted, orthe system rebooted.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258RHEL Desktop Workstation (v. 5 client)

SRPMS:
nss-3.19.1-4.el5_11.src.rpm
    MD5: 544778df37f1d2d9ce9e11098bc3b210SHA-256: e2ed10921358fe438dc597b79575e0288375277682c1f794f616d118703cec72
 
IA-32:
nss-debuginfo-3.19.1-4.el5_11.i386.rpm
    MD5: d8f4b1ead7c0738185923b7485a9f4f1SHA-256: e1dca4fae0064ec73069503185f570703b50abe5d1186e83465d84fbc0ad01dd
nss-devel-3.19.1-4.el5_11.i386.rpm
    MD5: e9ac998fc83624b5e42b8ef508c70db4SHA-256: 7d77d7819b16fc71965ed86ca7e10f6be48c5997a13512fb8d77f56d3bf13b74
nss-pkcs11-devel-3.19.1-4.el5_11.i386.rpm
    MD5: 472d167a003745770ca3d0b7c7109ed4SHA-256: 333a39e4714a367ac8f46a26c3adb6981b8e54b09b4a241c43a84c0a2a8195fd
 
x86_64:
nss-debuginfo-3.19.1-4.el5_11.i386.rpm
    MD5: d8f4b1ead7c0738185923b7485a9f4f1SHA-256: e1dca4fae0064ec73069503185f570703b50abe5d1186e83465d84fbc0ad01dd
nss-debuginfo-3.19.1-4.el5_11.x86_64.rpm
    MD5: 45061cba17fae1dfe581a415d44773bfSHA-256: 72a6d9440442e9e6765d9f22877b72a83bfa00dcfe9a704b50e565f69795d1d3
nss-devel-3.19.1-4.el5_11.i386.rpm
    MD5: e9ac998fc83624b5e42b8ef508c70db4SHA-256: 7d77d7819b16fc71965ed86ca7e10f6be48c5997a13512fb8d77f56d3bf13b74
nss-devel-3.19.1-4.el5_11.x86_64.rpm
    MD5: 4d831042af7dfa6e80ad6bf9579cd4efSHA-256: 65ddd0935783f0ac00c61fd3e13d7fb6509f01d3afa423c7dbfdb4c3aabc4281
nss-pkcs11-devel-3.19.1-4.el5_11.i386.rpm
    MD5: 472d167a003745770ca3d0b7c7109ed4SHA-256: 333a39e4714a367ac8f46a26c3adb6981b8e54b09b4a241c43a84c0a2a8195fd
nss-pkcs11-devel-3.19.1-4.el5_11.x86_64.rpm
    MD5: c1a2ac387761f45260de137e35545280SHA-256: fb02c20684a651c675e5b81fcba40487e1c8e6cfdcb90d261888347980b9bef9
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
nss-3.19.1-4.el5_11.src.rpm
    MD5: 544778df37f1d2d9ce9e11098bc3b210SHA-256: e2ed10921358fe438dc597b79575e0288375277682c1f794f616d118703cec72
 
IA-32:
nss-3.19.1-4.el5_11.i386.rpm
    MD5: 83ca14029531b9d549bb8df9f5aac525SHA-256: 450dd70148a25759d516bb7f9ee6864a8038221cd23cffa78dd4c97a6fcaf5b2
nss-debuginfo-3.19.1-4.el5_11.i386.rpm
    MD5: d8f4b1ead7c0738185923b7485a9f4f1SHA-256: e1dca4fae0064ec73069503185f570703b50abe5d1186e83465d84fbc0ad01dd
nss-devel-3.19.1-4.el5_11.i386.rpm
    MD5: e9ac998fc83624b5e42b8ef508c70db4SHA-256: 7d77d7819b16fc71965ed86ca7e10f6be48c5997a13512fb8d77f56d3bf13b74
nss-pkcs11-devel-3.19.1-4.el5_11.i386.rpm
    MD5: 472d167a003745770ca3d0b7c7109ed4SHA-256: 333a39e4714a367ac8f46a26c3adb6981b8e54b09b4a241c43a84c0a2a8195fd
nss-tools-3.19.1-4.el5_11.i386.rpm
    MD5: 4dc8eec54f5690c46382ff359057ab2aSHA-256: 8fe0677dc573438c67b08a066581839480190c417fd42f45b426bf9a35a27693
 
IA-64:
nss-3.19.1-4.el5_11.i386.rpm
    MD5: 83ca14029531b9d549bb8df9f5aac525SHA-256: 450dd70148a25759d516bb7f9ee6864a8038221cd23cffa78dd4c97a6fcaf5b2
nss-3.19.1-4.el5_11.ia64.rpm
    MD5: a35672e89acaa20191c2a1d75da4cf71SHA-256: 27ea8e9c557bd3ec8ee5c1f44c9c73a44e55887d83216f6b529c6cb78c95fdd7
nss-debuginfo-3.19.1-4.el5_11.i386.rpm
    MD5: d8f4b1ead7c0738185923b7485a9f4f1SHA-256: e1dca4fae0064ec73069503185f570703b50abe5d1186e83465d84fbc0ad01dd
nss-debuginfo-3.19.1-4.el5_11.ia64.rpm
    MD5: ac3a0adacec8c1952bc40e06d3435bdfSHA-256: 192132ea5cc4e1ba95fdd88208fbf20b0f9b55bbbfe86e749f060a9c30b83c3f
nss-devel-3.19.1-4.el5_11.ia64.rpm
    MD5: b002cc06061fe42fa347d0c058ea4811SHA-256: 6a9a2d5772f1ed63cbd4c26a5614ece8fe687840ca3da17d1fb114864085852c
nss-pkcs11-devel-3.19.1-4.el5_11.ia64.rpm
    MD5: 2a10e4e1437184cd437d1a43b5501d0cSHA-256: 47c9c10468f87486ecda09fde342a1a5279d2fddc83d20fb090ac8bfa73c82a6
nss-tools-3.19.1-4.el5_11.ia64.rpm
    MD5: 12b8332fe8ac7dc222bb58d44e3708cdSHA-256: 501dba43ca3c730875eb36dfaadebed45504d76fd1a7ca08b7f8a52127d2c097
 
PPC:
nss-3.19.1-4.el5_11.ppc.rpm
    MD5: 5f7cba235a6dfda6d50ca13db34ce18dSHA-256: b25d4537c0b393d46ec963030f6fc920e062f70a38dc63ff575a7fc875dd03cf
nss-3.19.1-4.el5_11.ppc64.rpm
    MD5: f4e685a10dfcf8347dad8d1a2a644933SHA-256: d037cd5df70a5548f0f6fb385e0cdfaa45c1a08ba0c3377c0e39461925b08d68
nss-debuginfo-3.19.1-4.el5_11.ppc.rpm
    MD5: 63f5dcca54604214dc325f4b611ab278SHA-256: 3232b8e8c0ca0442031caf6ee5cfc59b164ddbae71ea0647877d8e000a20dc93
nss-debuginfo-3.19.1-4.el5_11.ppc64.rpm
    MD5: 202e7f031d0f9c208146a3122d6e2254SHA-256: a935fa28c0fe4abd58ee34124089aa04c36f83032b86ca2425b03773b0e412e0
nss-devel-3.19.1-4.el5_11.ppc.rpm
    MD5: baf4fc80ff841213fd3a7c3a67960cdcSHA-256: f34e24e14ba59f3d4c6cfe02155fe10bbb4ad62a8d41e356477a22ef35f84238
nss-devel-3.19.1-4.el5_11.ppc64.rpm
    MD5: 914d98205a78f05982fc15b82f5eaf73SHA-256: f25ab7119e9df59585263f5fabc8ca336d592d16ef2e742ad0cbcf9b83a4ae6f
nss-pkcs11-devel-3.19.1-4.el5_11.ppc.rpm
    MD5: 818fad2e71a84adfc38100213c7a45dcSHA-256: 8e0c8f779047f96ed7511e28b159e4dfc4aa2fbd6e3aaf6f6529d7c30afe0b74
nss-pkcs11-devel-3.19.1-4.el5_11.ppc64.rpm
    MD5: 5bc98dee078cc79717e2f213d0bfc727SHA-256: 55fe6615b778c780abf646158796a8e4d659205dc2f3bb55b5d58dddedf51450
nss-tools-3.19.1-4.el5_11.ppc.rpm
    MD5: 18b786adc652500b133554e106a5d1eaSHA-256: 160ef3d5462c29caaaba55dafdaea301158c696a3671f9195a0683f858b76200
 
s390x:
nss-3.19.1-4.el5_11.s390.rpm
    MD5: 6952cec820827c2a220c5dd037bceb68SHA-256: 0c6e38e62e89941560c23c04f2a6bbc1015a484f8859719d323680f1de3574c1
nss-3.19.1-4.el5_11.s390x.rpm
    MD5: 791a8d37c6cba0c5a1dfed5b2d05f984SHA-256: 203c91421553c236aa4510142607ad9faa771e3ede0b4ea1f189e21d447feb46
nss-debuginfo-3.19.1-4.el5_11.s390.rpm
    MD5: 5a3c7b1fb3d3cd3ca8715ecf68c57c27SHA-256: c72d63adf72c06f88911d929276e94f8e178629a66b01ca12eddfa25df7da77c
nss-debuginfo-3.19.1-4.el5_11.s390x.rpm
    MD5: bb2633f65366110d759fe4a52c048ae5SHA-256: efd7c0a5246413c2b753a562948d24ca4c30746925281295ef4fbc34cf749f41
nss-devel-3.19.1-4.el5_11.s390.rpm
    MD5: 9624cff8b5026550f9d649ea5a64e56fSHA-256: e954423ebfc1da59eaf7323b08824d8eac9757e8944dd6dcbd1546eedd98392a
nss-devel-3.19.1-4.el5_11.s390x.rpm
    MD5: ee26742a2127da92358babfd40a579e6SHA-256: e6969d38708320399711a4d97829d92643899420cfd11608eafe12437435474e
nss-pkcs11-devel-3.19.1-4.el5_11.s390.rpm
    MD5: c19938f16265b38c90a1180a6a06d044SHA-256: 73506eaa4e80c3bd63fc77724d5861a7d2c8288d1042057629e5630b6f0f7612
nss-pkcs11-devel-3.19.1-4.el5_11.s390x.rpm
    MD5: de2245af4b71574cbaef743c42af6c5fSHA-256: ed427c79215cfc23771c775776ea90e4d10601f069f65e41806f6dabda2caade
nss-tools-3.19.1-4.el5_11.s390x.rpm
    MD5: 8f3644756fef8157ab0459a4829562b2SHA-256: 7a9873d6f863882a8456341af4ac51c03b4f88586872accb5143c2865f0b2f8a
 
x86_64:
nss-3.19.1-4.el5_11.i386.rpm
    MD5: 83ca14029531b9d549bb8df9f5aac525SHA-256: 450dd70148a25759d516bb7f9ee6864a8038221cd23cffa78dd4c97a6fcaf5b2
nss-3.19.1-4.el5_11.x86_64.rpm
    MD5: 4976117843e939b48d8944c3d863c2b3SHA-256: 943076eece09883a2319211f72064bb9cbd3ca45ee8f0d754a58e0a91e38ea8b
nss-debuginfo-3.19.1-4.el5_11.i386.rpm
    MD5: d8f4b1ead7c0738185923b7485a9f4f1SHA-256: e1dca4fae0064ec73069503185f570703b50abe5d1186e83465d84fbc0ad01dd
nss-debuginfo-3.19.1-4.el5_11.x86_64.rpm
    MD5: 45061cba17fae1dfe581a415d44773bfSHA-256: 72a6d9440442e9e6765d9f22877b72a83bfa00dcfe9a704b50e565f69795d1d3
nss-devel-3.19.1-4.el5_11.i386.rpm
    MD5: e9ac998fc83624b5e42b8ef508c70db4SHA-256: 7d77d7819b16fc71965ed86ca7e10f6be48c5997a13512fb8d77f56d3bf13b74
nss-devel-3.19.1-4.el5_11.x86_64.rpm
    MD5: 4d831042af7dfa6e80ad6bf9579cd4efSHA-256: 65ddd0935783f0ac00c61fd3e13d7fb6509f01d3afa423c7dbfdb4c3aabc4281
nss-pkcs11-devel-3.19.1-4.el5_11.i386.rpm
    MD5: 472d167a003745770ca3d0b7c7109ed4SHA-256: 333a39e4714a367ac8f46a26c3adb6981b8e54b09b4a241c43a84c0a2a8195fd
nss-pkcs11-devel-3.19.1-4.el5_11.x86_64.rpm
    MD5: c1a2ac387761f45260de137e35545280SHA-256: fb02c20684a651c675e5b81fcba40487e1c8e6cfdcb90d261888347980b9bef9
nss-tools-3.19.1-4.el5_11.x86_64.rpm
    MD5: e6937b5083bac59f1f9a23eeeb650f43SHA-256: 8076efffecd7eb91da1bb1115921bfd4b250e599597c1daeb920a9e620fa7550
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
nss-3.19.1-4.el5_11.src.rpm
    MD5: 544778df37f1d2d9ce9e11098bc3b210SHA-256: e2ed10921358fe438dc597b79575e0288375277682c1f794f616d118703cec72
 
IA-32:
nss-3.19.1-4.el5_11.i386.rpm
    MD5: 83ca14029531b9d549bb8df9f5aac525SHA-256: 450dd70148a25759d516bb7f9ee6864a8038221cd23cffa78dd4c97a6fcaf5b2
nss-debuginfo-3.19.1-4.el5_11.i386.rpm
    MD5: d8f4b1ead7c0738185923b7485a9f4f1SHA-256: e1dca4fae0064ec73069503185f570703b50abe5d1186e83465d84fbc0ad01dd
nss-tools-3.19.1-4.el5_11.i386.rpm
    MD5: 4dc8eec54f5690c46382ff359057ab2aSHA-256: 8fe0677dc573438c67b08a066581839480190c417fd42f45b426bf9a35a27693
 
x86_64:
nss-3.19.1-4.el5_11.i386.rpm
    MD5: 83ca14029531b9d549bb8df9f5aac525SHA-256: 450dd70148a25759d516bb7f9ee6864a8038221cd23cffa78dd4c97a6fcaf5b2
nss-3.19.1-4.el5_11.x86_64.rpm
    MD5: 4976117843e939b48d8944c3d863c2b3SHA-256: 943076eece09883a2319211f72064bb9cbd3ca45ee8f0d754a58e0a91e38ea8b
nss-debuginfo-3.19.1-4.el5_11.i386.rpm
    MD5: d8f4b1ead7c0738185923b7485a9f4f1SHA-256: e1dca4fae0064ec73069503185f570703b50abe5d1186e83465d84fbc0ad01dd
nss-debuginfo-3.19.1-4.el5_11.x86_64.rpm
    MD5: 45061cba17fae1dfe581a415d44773bfSHA-256: 72a6d9440442e9e6765d9f22877b72a83bfa00dcfe9a704b50e565f69795d1d3
nss-tools-3.19.1-4.el5_11.x86_64.rpm
    MD5: e6937b5083bac59f1f9a23eeeb650f43SHA-256: 8076efffecd7eb91da1bb1115921bfd4b250e599597c1daeb920a9e620fa7550
 
(The unlinked packages above are only available from the Red Hat Network)

1310509 – CVE-2016-1950 nss: Heap buffer overflow vulnerability in ASN1 certificate parsing (MFSA 2016-35)

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: