[ubuntu/xenial-security] nss 2:3.28.4-0ubuntu0.16.04.6 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jul 16 12:05:45 UTC 2019
nss (2:3.28.4-0ubuntu0.16.04.6) xenial-security; urgency=medium
* SECURITY UPDATE: OOB read when importing a curve25519 private key
- debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
leading 0's from key material during PKCS11 import in
nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
- CVE-2019-11719
* SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
- debian/patches/CVE-2019-11729-1.patch: more thorough input checking
in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
- CVE-2019-11729
Date: 2019-07-12 12:57:13.868666+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list