Package "nss"

Name:	nss
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: Network Security Service libraries Development files for the Network Security Service libraries
Latest version:	2:3.98-0ubuntu0.20.04.2
Release:	focal (20.04)
Level:	security
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "nss" in Focal

Repository	Area	Version
base	universe	2:3.49.1-1ubuntu1
base	main	2:3.49.1-1ubuntu1
security	universe	2:3.98-0ubuntu0.20.04.2
updates	universe	2:3.98-0ubuntu0.20.04.2
updates	main	2:3.98-0ubuntu0.20.04.2

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 2:3.98-0ubuntu0.20.04.2 2024-04-11 20:06:55 UTC

nss (2:3.98-0ubuntu0.20.04.2) focal-security; urgency=medium * SECURITY REGRESSION: failure to open modules (LP: #2060906) - debian/patches/85_security_load.patch: fix broken patch preventing module loading. -- Marc Deslauriers <email address hidden> Thu, 11 Apr 2024 10:23:19 -0400

Source diff to previous version

2060906

attempt to add opensc using modutil suddenly fails

Version: 2:3.98-0ubuntu0.20.04.1 2024-04-10 15:27:03 UTC

nss (2:3.98-0ubuntu0.20.04.1) focal-security; urgency=medium * Updated to upstream 3.98 to fix security issues and get a new CA certificate bundle. - CVE-2023-4421: PKCS#1 v1.5 Bleichenbacher-like attack - CVE-2023-5388: timing issue in RSA operations - CVE-2023-6135: side-channel in multiple NSS NIST curves * Removed patches included in new version: - debian/patches/set-tls1.2-as-minimum.patch - debian/patches/bz1608327-freebl-arm - debian/patches/CVE-*.patch * Updated patches for new version: - debian/patches/38_hppa.patch - debian/patches/85_security_load.patch - debian/patches/disable_fips_enabled_read.patch * debian/control: bump libnspr version to 2:4.34. * debian/libnss3.symbols: added new symbols. -- Marc Deslauriers <email address hidden> Thu, 21 Mar 2024 09:44:10 -0400

Source diff to previous version

CVE-2023-4421	The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of th
CVE-2023-5388	NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the pr
CVE-2023-6135	Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the

Version: 2:3.49.1-1ubuntu1.9	2023-02-27 14:07:01 UTC
`nss (2:3.49.1-1ubuntu1.9) focal-security; urgency=medium * SECURITY UPDATE: Arbitrary memory write via PKCS 12 in NSS - debian/patches/CVE-2023-0767.patch: improve handling of unknown PKCS#12 safe bag types in nss/lib/pkcs12/p12d.c, nss/lib/pkcs12/p12t.h, nss/lib/pkcs12/p12tmpl.c. - CVE-2023-0767 -- Marc Deslauriers <email address hidden> Fri, 17 Feb 2023 09:50:54 -0500`
Source diff to previous version

Version: 2:3.49.1-1ubuntu1.8 2022-07-07 14:06:36 UTC

Version: 2:3.49.1-1ubuntu1.8	2022-07-07 14:06:36 UTC
nss (2:3.49.1-1ubuntu1.8) focal-security; urgency=medium * SECURITY UPDATE: Crash when handling empty pkcs7 sequence - debian/patches/CVE-2022-22747.patch: check for missing signedData field in nss/gtests/certdb_gtest/decode_certs_unittest.cc, nss/lib/pkcs7/certread.c. - CVE-2022-22747 * SECURITY UPDATE: Free of uninitialized pointer in lg_init - debian/patches/CVE-2022-34480.patch: rearrange frees in nss/lib/softoken/legacydb/lginit.c. - CVE-2022-34480 -- Marc Deslauriers <email address hidden> Wed, 06 Jul 2022 07:23:47 -0400
Source diff to previous version

nss (2:3.49.1-1ubuntu1.8) focal-security; urgency=medium * SECURITY UPDATE: Crash when handling empty pkcs7 sequence - debian/patches/CVE-2022-22747.patch: check for missing signedData field in nss/gtests/certdb_gtest/decode_certs_unittest.cc, nss/lib/pkcs7/certread.c. - CVE-2022-22747 * SECURITY UPDATE: Free of uninitialized pointer in lg_init - debian/patches/CVE-2022-34480.patch: rearrange frees in nss/lib/softoken/legacydb/lginit.c. - CVE-2022-34480 -- Marc Deslauriers <email address hidden> Wed, 06 Jul 2022 07:23:47 -0400

Source diff to previous version

Version: 2:3.49.1-1ubuntu1.7 2022-05-11 10:06:26 UTC

nss (2:3.49.1-1ubuntu1.7) focal-security; urgency=medium * SECURITY UPDATE: Denial of service through ChangeCipherSpec - debian/patches/CVE-2020-25648-1.patch: reject CCS when compatibility is not specify or if many CCS in a row in nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc, nss/lib/ssl/ssl3con.c and nss/lib/ssl/sslimpl.h. - debian/patches/CVE-2020-25648-2.patch: reject multiple CCS packages but allow the first one in nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc, nss/lib/ssl/ssl3con.c and nss/lib/ssl/sslimpl.h. - CVE-2020-25648 -- David Fernandez Gonzalez <email address hidden> Mon, 09 May 2022 15:35:11 +0200

CVE-2020-25648

A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages,

About - Send Feedback to @ubuntu_updates

Package "nss"

Links

Other versions of "nss" in Focal

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

security

PPA updates