UbuntuUpdates.org

Package "nss"

Name: nss

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Network Security Service libraries
  • Network Security Service libraries
  • Debugging symbols for the Network Security Service libraries
  • Development files for the Network Security Service libraries

Latest version: 2:3.28.4-0ubuntu0.12.04.11
Release: precise (12.04)
Level: security
Repository: main

Links



Other versions of "nss" in Precise

Repository Area Version
base main 3.13.1.with.ckbi.1.88-1ubuntu6
base universe 3.13.1.with.ckbi.1.88-1ubuntu6
security universe 2:3.28.4-0ubuntu0.12.04.11
updates universe 2:3.28.4-0ubuntu0.12.04.11
updates main 2:3.28.4-0ubuntu0.12.04.11

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:3.21-0ubuntu0.12.04.1 2016-02-17 21:06:56 UTC

  nss (2:3.21-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to upstream 3.21 to fix a security issue and get a new CA
    certificate bundle.
  * SECURITY UPDATE: improper division in mp_div and mp_exptmod
    - CVE-2016-1938
  * debian/libnss3.symbols: updated for new version.
  * debian/patches/95_add_spi+cacert_ca_certs.patch: dropped, no longer
    want the SPI cert
  * debian/patches/97_SSL_RENEGOTIATE_TRANSITIONAL.patch: dropped, no
    longer needed
  * debian/patches/CVE-2015-7575.patch: dropped, upstream

 -- Marc Deslauriers <email address hidden> Thu, 04 Feb 2016 09:38:27 -0500

Source diff to previous version
CVE-2016-1938 The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, imprope
CVE-2015-7575 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature

Version: 3.19.2.1-0ubuntu0.12.04.2 2016-01-07 21:06:48 UTC

  nss (3.19.2.1-0ubuntu0.12.04.2) precise-security; urgency=medium

  * SECURITY UPDATE: incorrect MD5 support with TLS 1.2
    - debian/patches/CVE-2015-7575.patch: remove MD5 in
      nss/lib/ssl/ssl3con.c.
    - CVE-2015-7575

 -- Marc Deslauriers Thu, 07 Jan 2016 13:24:13 -0500

Source diff to previous version
CVE-2015-7575 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature

Version: 3.19.2.1-0ubuntu0.12.04.1 2015-11-04 22:07:12 UTC

  nss (3.19.2.1-0ubuntu0.12.04.1) precise-security; urgency=medium

  * Updated to upstream 3.19.2.1 to fix two security issues.
  * SECURITY UPDATE: use-after-poison in sec_asn1d_parse_leaf
    - CVE-2015-7181
  * SECURITY UPDATE: ASN.1 decoder heap overflow
    - CVE-2015-7182

 -- Marc Deslauriers Wed, 04 Nov 2015 11:26:48 -0600

Source diff to previous version
CVE-2015-7181 ASan: use-after-poison in sec_asn1d_parse_leaf()

Version: 3.19.2-0ubuntu0.12.04.1 2015-07-09 18:07:29 UTC

  nss (3.19.2-0ubuntu0.12.04.1) precise-security; urgency=medium

  * SECURITY UPDATE: update to upstream 3.19.2 to fix multiple security
    issues and get a new CA certificate bundle.
    - CVE-2015-2721
    - CVE-2015-2730
  * debian/libnss3.symbols: updated for new version.
  * debian/patches/relax_dh_size.patch: relax minimum DH size to 768 bits
    for compatibility reasons. This patch will get reverted in the future
    once servers have upgraded to longer DH sizes.

 -- Marc Deslauriers Wed, 08 Jul 2015 12:29:51 -0400

Source diff to previous version
CVE-2015-2721 Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thund
CVE-2015-2730 Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and

Version: 3.17.4-0ubuntu0.12.04.1 2015-02-19 19:06:48 UTC

  nss (3.17.4-0ubuntu0.12.04.1) precise-security; urgency=medium

  * SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate
    bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031)
  * Removed unneeded patches:
    - debian/patches/CVE-2014-1569.patch: included upstream.
 -- Marc Deslauriers <email address hidden> Thu, 19 Feb 2015 07:45:59 -0500

1423031 NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
CVE-2014-1569 The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does



About   -   Send Feedback to @ubuntu_updates