User: Password:
Subscribe / Log in / New account

Mageia alert MGASA-2013-0381 (apache-mod_nss)

From:  Mageia Updates <>
Subject:  [updates-announce] MGASA-2013-0381: Updated apache-mod_nss package fixes CVE-2013-4566
Date:  Fri, 20 Dec 2013 18:27:25 +0100
Message-ID:  <>

MGASA-2013-0381 - Updated apache-mod_nss package fixes CVE-2013-4566 Publication date: 20 Dec 2013 URL: Type: security Affected Mageia releases: 3 CVE: CVE-2013-4566 Description: Updated apache-mod_nss package fixes security vulnerability: A flaw was found in the way mod_nss handled the NSSVerifyClient setting for the per-directory context. When configured to not require a client certificate for the initial connection and only require it for a specific directory, mod_nss failed to enforce this requirement and allowed a client to access the directory when no valid client certificate was provided (CVE-2013-4566). References: - - - SRPMS: - 3/core/apache-mod_nss-1.0.8-16.4.mga3

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds