[ubuntu/groovy-proposed] nss 2:3.49.1-1ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Jun 30 15:29:29 UTC 2020
nss (2:3.49.1-1ubuntu3) groovy; urgency=medium
* SECURITY UPDATE: Side channel vulnerabilities during RSA key generation
- debian/patches/CVE-2020-12402.patch: use constant-time GCD and
modular inversion in nss/lib/freebl/mpi/mpi.c,
nss/lib/freebl/mpi/mpi.h, nss/lib/freebl/mpi/mplogic.c.
- CVE-2020-12402
Date: Tue, 30 Jun 2020 10:41:20 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/nss/2:3.49.1-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 30 Jun 2020 10:41:20 -0400
Source: nss
Architecture: source
Version: 2:3.49.1-1ubuntu3
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
nss (2:3.49.1-1ubuntu3) groovy; urgency=medium
.
* SECURITY UPDATE: Side channel vulnerabilities during RSA key generation
- debian/patches/CVE-2020-12402.patch: use constant-time GCD and
modular inversion in nss/lib/freebl/mpi/mpi.c,
nss/lib/freebl/mpi/mpi.h, nss/lib/freebl/mpi/mplogic.c.
- CVE-2020-12402
Checksums-Sha1:
31f2154ed864fcf5c589898c96547db8be5c9f55 2276 nss_3.49.1-1ubuntu3.dsc
82687b593f481bab1892c31aee3f40fd940db87f 30084 nss_3.49.1-1ubuntu3.debian.tar.xz
a9020abdac5b7441f30131c9991f55557e675653 5829 nss_3.49.1-1ubuntu3_source.buildinfo
Checksums-Sha256:
bba4162d62a15e63cf7207621726451d08c5845da02d926ea9071e1b80bc3dda 2276 nss_3.49.1-1ubuntu3.dsc
911dfbc9fe8c7588c55b7b18de364602036c44c1c0ed8d45953a96eb181a74cc 30084 nss_3.49.1-1ubuntu3.debian.tar.xz
4f7f6eec17dfee7c13e0a0b2de73d0fee78614020bbad203e1d9f9afdfbdd45c 5829 nss_3.49.1-1ubuntu3_source.buildinfo
Files:
bb639b760a410c7aae63c402018e8bb4 2276 libs optional nss_3.49.1-1ubuntu3.dsc
9fbef0f467ddd7849c414fd7c8128c3c 30084 libs optional nss_3.49.1-1ubuntu3.debian.tar.xz
ab146f347c271279daf11b374e23da7a 5829 libs optional nss_3.49.1-1ubuntu3_source.buildinfo
Original-Maintainer: Maintainers of Mozilla-related packages <team+pkg-mozilla at tracker.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl77WeEACgkQZWnYVadE
vpO2DhAAhLSStegc/FrJo5VebD+PDHqwwZPRZrJCilj8sTBgrkGyXVtQhDu2E2pv
rCnoGEsr98wpsTSnni/YrlOQRlYy6JQP/T9j89J6itd6/EjemrAqUCCJuRnBbuSY
EIdewYV3lkivfyQF9yQD97wKi+FcUqf/fA5WcgD92MXlizQMSov0i/bfXc0G4a+u
a64bhqmsW33hc+p0lA7O2FFxrf1+YJCNd8oHdvQnmwCLxGpYVoWBoqZBXLydAehE
nERRtRHBiKfJxlJ44xmgBp6P8ZAdhd8f3jpnreDGsu76cvxUy2bvAGDsNdg743L6
8kGrXdtMwSk0iY0CMPhhR0VlNjfho3dkou1r2fPZoCUupCTWQjh5WGvfrjVkBFa1
hYL0IWfImZq5AT8O8N1I+4XnZGplYWSxENJ7V96U1h+xqu7+X97DlnhApCfvT/i2
GESaLGOZQjfesQ0k9HzH5EKk1CeikGvZcDTQ1VDJ6owcOJtYthqNmwVH/wc5wtDy
0goAUvo+g7ylL8CbzcmTXJp5ptBBHVNATXLpaxRaKZmpzOoTM5QYXTjI1WE45ObP
NmnKcCWJCTIeWmCmVM2UWQpP4HOmD+2l/b+96Tja2pvukP3X35yzOugGJtCfcma1
QSjC1FPWdW6qrE1+CqA/SZ10r8n2RNIj44BWiicrkasPT6wMr2s=
=i6RO
-----END PGP SIGNATURE-----
More information about the Groovy-changes
mailing list