[ubuntu/xenial-security] nss 2:3.28.4-0ubuntu0.16.04.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jan 9 17:31:04 UTC 2019
nss (2:3.28.4-0ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: side-channel attack on ECDSA signatures
- debian/patches/CVE-2018-0495.patch: improve ecdsa and dsa in
nss/lib/freebl/dsa.c, nss/lib/freebl/ec.c.
- CVE-2018-0495
* SECURITY UPDATE: ServerHello.random is all zero in v2 ClientHello
- debian/patches/CVE-2018-12384-1.patch: fix random logic in
nss/lib/ssl/ssl3con.c.
- debian/patches/CVE-2018-12384-2.patch: add tests to
nss/gtests/ssl_gtest/ssl_loopback_unittest.cc,
nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
- CVE-2018-12384
* SECURITY UPDATE: cache side-channel variant of the Bleichenbacher attack
- debian/patches/CVE-2018-12404-1.patch: improve RSA key exchange
handling in nss/lib/ssl/ssl3con.c.
- debian/patches/CVE-2018-12404-3.patch: add constant time
mp_to_fixlen_octets in nss/gtests/freebl_gtest/mpi_unittest.cc,
nss/lib/freebl/mpi/mpi.c, nss/lib/freebl/mpi/mpi.h.
- CVE-2018-12404
Date: 2019-01-07 15:29:12.582501+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list