[ubuntu/xenial-proposed] nss 2:3.19.2.1-0ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Nov 4 17:17:13 UTC 2015 

nss (2:3.19.2.1-0ubuntu1) xenial; urgency=medium

  * Updated to upstream 3.19.2.1 to fix two security issues.
  * SECURITY UPDATE: use-after-poison in sec_asn1d_parse_leaf
    - CVE-2015-7181
  * SECURITY UPDATE: ASN.1 decoder heap overflow
    - CVE-2015-7182

Date: Wed, 04 Nov 2015 10:33:01 -0600
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/nss/2:3.19.2.1-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 04 Nov 2015 10:33:01 -0600
Source: nss
Binary: libnss3 libnss3-1d libnss3-nssdb libnss3-tools libnss3-dev libnss3-dbg
Architecture: source
Version: 2:3.19.2.1-0ubuntu1
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libnss3    - Network Security Service libraries
 libnss3-1d - Network Security Service libraries - transitional package
 libnss3-dbg - Debugging symbols for the Network Security Service libraries
 libnss3-dev - Development files for the Network Security Service libraries
 libnss3-nssdb - Network Security Security libraries - shared databases
 libnss3-tools - Network Security Service tools
Changes:
 nss (2:3.19.2.1-0ubuntu1) xenial; urgency=medium
 .
   * Updated to upstream 3.19.2.1 to fix two security issues.
   * SECURITY UPDATE: use-after-poison in sec_asn1d_parse_leaf
     - CVE-2015-7181
   * SECURITY UPDATE: ASN.1 decoder heap overflow
     - CVE-2015-7182
Checksums-Sha1:
 719602ec2f95124700c666fc54cf3797216f9906 2411 nss_3.19.2.1-0ubuntu1.dsc
 e8198827d8b30a5e958611013cbab2c0f68601c5 6957263 nss_3.19.2.1.orig.tar.gz
 ae52beccc9c64d2ed18ab2b2adc162749627e80c 32152 nss_3.19.2.1-0ubuntu1.debian.tar.xz
Checksums-Sha256:
 6dc0773da9badd1952814de3fd86f9433cca336787f2044de5f88fdf09718ec9 2411 nss_3.19.2.1-0ubuntu1.dsc
 ab7eaf3d6b26e6b238d80a613314adf2d97789ada7eec4c971c93b925f22285e 6957263 nss_3.19.2.1.orig.tar.gz
 94b61c98d7037526669195d2ff2476b7353ec63e3bd186fe80a6138a24731017 32152 nss_3.19.2.1-0ubuntu1.debian.tar.xz
Files:
 6bda10dc6f9d838a74515691b796cc8d 2411 libs optional nss_3.19.2.1-0ubuntu1.dsc
 f7b1c00899b16cd05076b406595b1af2 6957263 libs optional nss_3.19.2.1.orig.tar.gz
 232105b60196da82a5d3921614bbccde 32152 libs optional nss_3.19.2.1-0ubuntu1.debian.tar.xz
Original-Maintainer: Maintainers of Mozilla-related packages <pkg-mozilla-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWOjx1AAoJEGVp2FWnRL6T4J4QAKLPMzNM0uInf0oTW+/MexPc
rZsURmguBC3aelaukFAs3qzgF+BVaEcDADfI9KeQ3+bNoca/T02U0Np52xrotAEP
n6oznW9K1qgClfu7cr5jfpxK9Iy5e2aPdoc1DmrC6Hviy7C84O3xxEkPgBpPmv8a
kWjKtZch4RPc8CgaOwfJxSSKEOxctR8QxVfnXYjANJDDDGulc0bosF5SDwihVDyx
fiXVKGVDjlBVcYy1HtqCEecdPyKnUbIbhXb2VTwUNRzMabWht0lP8jITO4A+tITV
8CUy5H03lzFslf8aS5CyesJuaucBwPjBwKckN7BPa9y7IyqeRLX/BLfgfAU2G2+2
+fzjxLhViPPe9XaUdgnErNGkIZV8t1wF2T1hyMkKiy0Ewqw8YrQsdoI8bsc4b+ij
iShqtvkz7iNzHnPhTw8TFrEe8BVBHy5IqZP/YezZuRvPggAZ184mQl8NjZh3v6l8
HKqU1RpLztPjkMfszSD6O+zr+2F0XQ4bFoDDWpviSeCrUVcrdoY7yuXrN1S8yqwd
5tBJ7z/3DS8Ys1UCuFusdbHgSwFM6kwFsR3Y2NkaGwmcpzWpaf0ZCaqSMW2yd0aC
1B048b8QcnLB6oXf0Bq2If45HxgqjhffG3ogpGT//2OlMx+9schoEKauO9i55oyv
ZsUWAzy5PhGGcdpddUiT
=lEws
-----END PGP SIGNATURE-----

More information about the Xenial-changes mailing list