[ubuntu/cosmic-updates] nss 2:3.36.1-1ubuntu1.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Jan 9 17:58:17 UTC 2019


nss (2:3.36.1-1ubuntu1.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on ECDSA signatures
    - debian/patches/CVE-2018-0495.patch: improve ecdsa and dsa in
      nss/lib/freebl/dsa.c, nss/lib/freebl/ec.c.
    - CVE-2018-0495
  * SECURITY UPDATE: ServerHello.random is all zero in v2 ClientHello
    - debian/patches/CVE-2018-12384-1.patch: fix random logic in
      nss/lib/ssl/ssl3con.c.
    - debian/patches/CVE-2018-12384-2.patch: add tests to
      nss/gtests/ssl_gtest/ssl_loopback_unittest.cc,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2018-12384
  * SECURITY UPDATE: cache side-channel variant of the Bleichenbacher attack
    - debian/patches/CVE-2018-12404-1.patch: improve RSA key exchange
      handling in nss/lib/ssl/ssl3con.c.
    - debian/patches/CVE-2018-12404-2.patch: improve padding checks in
      RSA_DecryptBlock in nss/gtests/freebl_gtest/rsa_unittest.cc,
      nss/lib/freebl/rsapkcs.c.
    - debian/patches/CVE-2018-12404-3.patch: add constant time
      mp_to_fixlen_octets in nss/gtests/freebl_gtest/mpi_unittest.cc,
      nss/lib/freebl/mpi/mpi.c, nss/lib/freebl/mpi/mpi.h.
    - CVE-2018-12404
  * debian/patches/stringop_truncation.patch: fix FTBFS.

Date: 2019-01-07 15:11:13.017988+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/nss/2:3.36.1-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Cosmic-changes mailing list