[ubuntu/focal-updates] nss 2:3.49.1-1ubuntu1.5 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Aug 27 16:28:21 UTC 2020
nss (2:3.49.1-1ubuntu1.5) focal-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2020-12403-*.patch: disable PKCS11 incremental
mode for ChaCha20 and fix incorrect call to ChaChaPoly1305 by PKCS11
in nss/gtests/pk11_gtest/pk11_cipherop_unittest.cc,
nss/gtests/pk11_gtest/pk11_chacha20poly1305_unittest.cc,
nss/lib/softoken/pkcs11c.c, nss/lib/freebl/chacha20poly1305.c.
- CVE-2020-12403
Date: 2020-08-21 15:17:46.916846+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/nss/2:3.49.1-1ubuntu1.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list