[ubuntu/focal-security] nss 2:3.49.1-1ubuntu1.5 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Thu Aug 27 15:59:33 UTC 2020
nss (2:3.49.1-1ubuntu1.5) focal-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2020-12403-*.patch: disable PKCS11 incremental
mode for ChaCha20 and fix incorrect call to ChaChaPoly1305 by PKCS11
in nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc,
nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc,
nss/lib/softoken/pkcs11c.c, nss/lib/freebl/chacha20poly1305.c.
- CVE-2020-12403
Date: 2020-08-21 15:17:46.916846+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/nss/2:3.49.1-1ubuntu1.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list