An update for nss is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Network Security Services (NSS) is a set of libraries designed to support the
cross-platform development of security-enabled client and server applications.
- A null pointer dereference flaw was found in the way NSS handled empty SSLv2
messages. An attacker could use this flaw to crash a server application compiled
against the NSS library. (CVE-2017-7502)
- The Network Security Services (NSS) code and Certificate Authority (CA) list
have been updated to meet the recommendations as published with the latest
Mozilla Firefox Extended Support Release (ESR). The updated CA list improves
compatibility with the certificates that are used in the Internet Public Key
Infrastructure (PKI). To avoid certificate validation refusals, Red Hat
recommends installing the updated CA list on June 12, 2017. (BZ#1451421)