-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : nss Version : 2:3.26-1+debu8u11 CVE ID : CVE-2020-12399 CVE-2020-12402
Several vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2020-12399 Force a fixed length for DSA exponentiation. CVE-2020-12402 Side channel vulnerabilities during RSA key generation. For Debian 8 "Jessie", these problems have been fixed in version 2:3.26-1+debu8u11. We recommend that you upgrade your nss packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl77kNMACgkQiNJCh6LY mLEnPg//Rguhvk7zU3wLjjrii/LYLzZL++pajyeU+IZfwUx7dXk+07tqjmjyQ25K kS9HTBqK560eFCYCT3HMbzjnUjVDAcVf8DxFbFVzCsqK0V+bwug39w72TQ2RjMHs Ii+Uy0wR3f8IWFqGv4sCZWlNIx/FfYq6VmhV9zdHsUFCMW52CvPXZIBlvD99OGBO eHshXb0mvEIJJPr/Bt3W8ei0SxqDUHdZx1tzTpgRPiV1IuXlZ/rUGUSwgek/CmAY 9fWyP2W01D472TU7ZEaEZf+vxy7TnXGpNhB8psFNDbTrjK5/sqKiEWkOhMFLsRl3 W/Dv1DbCeCYvuBy2IU14JpkCL+OtXympA9+TO0zR1Wks47pJHJj+4azYOAdMW7l/ 5Sc0pmOoXzXjzmfmHupd5ZMGuq0YbN4jDpMcQQ0RCFEb6edALGkJh2KEIxfj55d4 6wPnIVp4cmCGq8II4ZmIb7pavqdLdHAk01Ohnr4YqeirbzlUV8HEB4tuErMelrmi 1Sa1mFSGNteett1FbuOrwyYdollD/XVzouQYvtMJF6Lrd0vjCHZE2pwv0bFsWf+b YFK+8vgggbEt1wdLP66NW6xxkmd9WBo69cupdQdrbX+n9KH8MDDxHOdUlR1CPb7J jJAEjYz1V5T7SERlzRSnduY/tsHTXDBYqST1EI0QYIqlVQ8Go3I= =7T9U -----END PGP SIGNATURE-----