[ubuntu/focal-proposed] nss 2:3.47-1ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Nov 26 14:40:20 UTC 2019
nss (2:3.47-1ubuntu2) focal; urgency=medium
* SECURITY UPDATE: out-of-bounds write in NSC_EncryptUpdate
- debian/patches/CVE-2019-11745.patch: use maxout not block size in
nss/lib/softoken/pkcs11c.c.
- CVE-2019-11745
Date: Tue, 26 Nov 2019 08:31:39 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/nss/2:3.47-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 26 Nov 2019 08:31:39 -0500
Source: nss
Architecture: source
Version: 2:3.47-1ubuntu2
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
nss (2:3.47-1ubuntu2) focal; urgency=medium
.
* SECURITY UPDATE: out-of-bounds write in NSC_EncryptUpdate
- debian/patches/CVE-2019-11745.patch: use maxout not block size in
nss/lib/softoken/pkcs11c.c.
- CVE-2019-11745
Checksums-Sha1:
15ae98e9b8fe7c64f6a03ba7104fbabb2e5c2065 2262 nss_3.47-1ubuntu2.dsc
9d87713ecf8119a73eed4a8621e76a6703c43c42 22820 nss_3.47-1ubuntu2.debian.tar.xz
76132e6c0e4a1b59cd4441d6d79baa15b2b34526 5754 nss_3.47-1ubuntu2_source.buildinfo
Checksums-Sha256:
f574b9840f88e574ed771c951f883b52d066d47de96a9eb21ad3634f9fa2d191 2262 nss_3.47-1ubuntu2.dsc
446509bdabb9ebdd61f3e4136a2f440eed3e3a8dd58803940f66f6bcf20d8093 22820 nss_3.47-1ubuntu2.debian.tar.xz
01344e6800064e4d7898bbb82e421f85af3311151a1addeb795a687a1b8a93f5 5754 nss_3.47-1ubuntu2_source.buildinfo
Files:
7c25c841c5eeb8ce638e2b7e641e8668 2262 libs optional nss_3.47-1ubuntu2.dsc
b62a502a97bf47c38d75ca095a381b65 22820 libs optional nss_3.47-1ubuntu2.debian.tar.xz
7ab009881f2e763832c4677d42f0c4e6 5754 libs optional nss_3.47-1ubuntu2_source.buildinfo
Original-Maintainer: Maintainers of Mozilla-related packages <team+pkg-mozilla at tracker.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl3dNXsACgkQZWnYVadE
vpNE4RAAkoPMH9WKbCb/2C1Fn1dgUvcx4lSYu1jOB0p/ttxY/7/PAr2FIUiTWG4n
PuKI4/f1EwGMJuz5UNW2sn/qT5pJpiPWIL8noluN1iVAuZE1vbfZqdGdR9KLVr7c
OyJQ9Ajj2e1eapFFswvcCOC/NRqEhM/ZxylNhafdbPH7x6DQrJXdO9BjuzPlwlnQ
cGOEA3yD/JHoz9pfr1vtjqEyVaPsl5jaMZfCrXpJNyx/XLN6u9YsxJB0ugj5c68M
69HeCHWdPDwCP2dLaPvXWFxVo4Qto3bj0O4bsFILNT6xdUMSH14mCc1OvwkGs2aC
A/WwqcfA8NeP8FKkRzY4CL6Bgf5lwKfDtBsxuwQG7SrlTpKG9ct1/3Xz9AKIrKUE
Z4pvaeH28on0/uZQUasbWwGsIFMvibp0IgPRVQkAenGup+69XLS+iVGVl95A5AyY
4KHQwlU3i2p/2mFhraC0teece2mgSxOxenAwa/VQLjvM3E65eKO45EfLtgnV5ys8
/1B43WgCFCKNAWYKgNHV4Rihzax5i3p1VkUBNE56pzTbyF4r3na6NFzVnsGTFszi
sglB92o6xzkc1XiNmH43J/yMzy4I6VxdLvWctJcxVXYE9AQDtzMYlDTId7hnUhIb
OjN/wqa//eDiWpYZW4XYTgV8pd8QZnGlxgnQMehbPKaT/hcxgOA=
=imRr
-----END PGP SIGNATURE-----
More information about the Focal-changes
mailing list