[ubuntu/disco-proposed] nss 2:3.42-1ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Feb 19 12:37:15 UTC 2019
nss (2:3.42-1ubuntu2) disco; urgency=medium
* SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
- debian/patches/CVE-2018-18508-1.patch: add null checks in
nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
- debian/patches/CVE-2018-18508-2.patch: add null checks in
nss/lib/smime/cmsmessage.c.
- CVE-2018-18508
Date: Tue, 19 Feb 2019 12:04:49 +0100
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/nss/2:3.42-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 19 Feb 2019 12:04:49 +0100
Source: nss
Binary: libnss3 libnss3-tools libnss3-dev
Architecture: source
Version: 2:3.42-1ubuntu2
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libnss3 - Network Security Service libraries
libnss3-dev - Development files for the Network Security Service libraries
libnss3-tools - Network Security Service tools
Changes:
nss (2:3.42-1ubuntu2) disco; urgency=medium
.
* SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
- debian/patches/CVE-2018-18508-1.patch: add null checks in
nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
- debian/patches/CVE-2018-18508-2.patch: add null checks in
nss/lib/smime/cmsmessage.c.
- CVE-2018-18508
Checksums-Sha1:
bf6521614bdebe94ef4f09b35b2f80b7b6f7a278 2262 nss_3.42-1ubuntu2.dsc
40fa1b355e7feb86acc5363ad86d7be3379da819 24192 nss_3.42-1ubuntu2.debian.tar.xz
c3ae0d81cd90dbe9b89d588f418da90a931f2686 5700 nss_3.42-1ubuntu2_source.buildinfo
Checksums-Sha256:
9ed03daf4c9b13902885075fe14e3fc309f5e2fdef8738904465ebacd41898bb 2262 nss_3.42-1ubuntu2.dsc
17f5239008002ebb36f253c729d82aac95f2c75c11128bbc87e766ca9e820748 24192 nss_3.42-1ubuntu2.debian.tar.xz
f596b58d6cfa1dff246fb1792b23762fcb05cdc3e0f786d6d2a09f30de7763a5 5700 nss_3.42-1ubuntu2_source.buildinfo
Files:
0b64dcc8524c88ad005b95e820bcc1d9 2262 libs optional nss_3.42-1ubuntu2.dsc
eda2072dc6a1d7faa6b7a5ebbce32e0a 24192 libs optional nss_3.42-1ubuntu2.debian.tar.xz
f32c81a13e7f702663be04ea2565959f 5700 libs optional nss_3.42-1ubuntu2_source.buildinfo
Original-Maintainer: Maintainers of Mozilla-related packages <team+pkg-mozilla at tracker.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlxr990ACgkQZWnYVadE
vpNioBAAnaEmIwuOWgGQbaxfs9I3dv8i45vmBuTKQxYXms0V1lcwTR2o+02QQJ4+
RilLW9KuSxOktVzc1/YnRT0Nv7TD69tF2RFT1cDOrcwc7wuHZnovoAnaL4vOw5l+
lNNlUoW6kp/omvjBNB8aHB1UlgAXRto+RsxBh1wxHKToE6GpJhLJr4JWG1fBT3Tf
IVUbCMOSlyRH+J/7o6aargvoGBn72vmkKjqeRRPeTe5iG8wsVEbaDmuDA4mFZ1gq
K0qIKNGL7uad368uavhwecPTnWwVz/5V+zTTZGeFxMl1uzDjfVYlvIopKRQV1MHU
gaWZ5UBGJWMEMYMqjqKYa4EspWpPqyq7TbJi3ncQy3naIoq0W/X++CZ8Q+iPMgBz
dCtOhMS144SibBHWsDK2RGEFCSFqsGCuBaG9cDVC6bPBdIqyHASj2pSJ9MUzD2Gj
XUHGh6zfFJoQ7W/c6kv/utrPN2dXEzSLbE9X2WplAWWgHD8sfTatfbnNZieY8+n6
TyetDThKZRflOoV1F33ZJ3aaWMzbtZSvDmmaMzxRhWZFGvaBuNefS/3u4KkjQpPI
UCE//AIRzmeYZcWD6Rvku8Ad6gNBQ+aUMvrttu4bwWRm5wTLZ4P/NHfG/IAerann
tVy1kU+/ZLzFZbjsz9cqdl9esrJ8OISb19Q2kJt5ehdB4Rn5Khc=
=wCvI
-----END PGP SIGNATURE-----
More information about the Disco-changes
mailing list