Package "nss"
Name: nss
Description: This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group:
- Network Security Service libraries
- Network Security Service libraries - transitional package
- Debugging symbols for the Network Security Service libraries
- Development files for the Network Security Service libraries
Latest version: 2:3.28.4-0ubuntu0.14.04.5
Release: trusty (14.04)
Level: updates
Repository: main
Changelog
nss (2:3.28.4-0ubuntu0.14.04.5) trusty-security; urgency=medium
* SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
- debian/patches/CVE-2018-18508-1.patch: add null checks in
nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
- debian/patches/CVE-2018-18508-2.patch: add null checks in
nss/lib/smime/cmsmessage.c.
- CVE-2018-18508
-- Marc Deslauriers <email address hidden> Tue, 19 Feb 2019 14:41:32 +0100
CVE-2018-18508: NULL pointer dereference in several CMS functions resulting in a denial of service
nss (2:3.28.4-0ubuntu0.14.04.4) trusty-security; urgency=medium
* SECURITY UPDATE: side-channel attack on ECDSA signatures
- debian/patches/CVE-2018-0495.patch: improve ecdsa and dsa in
nss/lib/freebl/dsa.c, nss/lib/freebl/ec.c.
- CVE-2018-0495
* SECURITY UPDATE: ServerHello.random is all zero in v2 ClientHello
- debian/patches/CVE-2018-12384-1.patch: fix random logic in
nss/lib/ssl/ssl3con.c.
- debian/patches/CVE-2018-12384-2.patch: add tests to
nss/gtests/ssl_gtest/ssl_loopback_unittest.cc,
nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
- CVE-2018-12384
* SECURITY UPDATE: cache side-channel variant of the Bleichenbacher attack
- debian/patches/CVE-2018-12404-1.patch: improve RSA key exchange
handling in nss/lib/ssl/ssl3con.c.
- debian/patches/CVE-2018-12404-3.patch: add constant time
mp_to_fixlen_octets in nss/gtests/freebl_gtest/mpi_unittest.cc,
nss/lib/freebl/mpi/mpi.c, nss/lib/freebl/mpi/mpi.h.
- CVE-2018-12404
-- Marc Deslauriers <email address hidden> Fri, 14 Dec 2018 10:33:50 -0500
CVE-2018-0495: Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of
CVE-2018-12384: ServerHello.random is all zero when handling a v2-compatible ClientHello
CVE-2018-12404: Cache side-channel variant of the Bleichenbacher attack
nss (2:3.28.4-0ubuntu0.14.04.3) trusty-security; urgency=medium
* SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
- debian/patches/CVE-2017-7805.patch: Simplify handling of
CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
- CVE-2017-7805
-- Marc Deslauriers <email address hidden> Fri, 29 Sep 2017 08:54:40 -0400
nss (2:3.28.4-0ubuntu0.14.04.2) trusty-security; urgency=medium
* SECURITY UPDATE: DoS via empty SSLv2 messages
- debian/patches/CVE-2017-7502.patch: reject broken v2 records in
nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
- CVE-2017-7502
-- Marc Deslauriers <email address hidden> Fri, 16 Jun 2017 08:14:11 -0400
CVE-2017-7502: Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by re
nss (2:3.28.4-0ubuntu0.14.04.1) trusty-security; urgency=medium
* Updated to upstream 3.28.4 to fix security issues and get a new CA
certificate bundle.
* SECURITY UPDATE: DES and Triple DES ciphers birthday attack
- CVE-2016-2183
* SECURITY UPDATE: out-of-bounds write in Base64 decoding
- CVE-2017-5461
* debian/patches/99_jarfile_ftbfs.patch: removed, upstream.
* debian/patches/*.patch: refreshed for new version.
* debian/control: bump libnspr4-dev to 4.13.1.
* debian/libnss3.symbols: added new symbols.
-- Marc Deslauriers <email address hidden> Wed, 26 Apr 2017 10:25:43 -0400
CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately