-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2388-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk September 29, 2020 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : nss Version : 2:3.26.2-1.1+deb9u2 CVE ID : CVE-2018-12404 CVE-2018-18508 CVE-2019-11719 CVE-2019-11729 CVE-2019-11745 CVE-2019-17006 CVE-2019-17007 CVE-2020-6829 CVE-2020-12399 CVE-2020-12400 CVE-2020-12401 CVE-2020-12402 CVE-2020-12403 Debian Bug : 921614 961752 963152 Various vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2018-12404 Cache side-channel variant of the Bleichenbacher attack. CVE-2018-18508 NULL pointer dereference in several CMS functions resulting in a denial of service. CVE-2019-11719 Out-of-bounds read when importing curve25519 private key. CVE-2019-11729 Empty or malformed p256-ECDH public keys may trigger a segmentation fault. CVE-2019-11745 Out-of-bounds write when encrypting with a block cipher. CVE-2019-17006 Some cryptographic primitives did not check the length of the input text, potentially resulting in overflows. CVE-2019-17007 Handling of Netscape Certificate Sequences may crash with a NULL dereference leading to a denial of service. CVE-2020-12399 Force a fixed length for DSA exponentiation. CVE-2020-6829 CVE-2020-12400 Side channel attack on ECDSA signature generation. CVE-2020-12401 ECDSA timing attack mitigation bypass. CVE-2020-12402 Side channel vulnerabilities during RSA key generation. CVE-2020-12403 CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read. For Debian 9 stretch, these problems have been fixed in version 2:3.26.2-1.1+deb9u2. We recommend that you upgrade your nss packages. For the detailed security status of nss please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nss Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl9zh9AACgkQiNJCh6LY mLECsBAAwG1ooIYlA1tctSKDyDWOAZ/eXED+xSc2ybze888ttYQkCCPwKo9kC75o x7gexxkQ1re4kw7J/D9LFW/fSiCEtiU2HYgvsSjk9broRBAFzwKT5+RcQf4939rb KdQu0n5CqbSybdCq12Q6RNOj1n6SuthYYDxy58DvnU6OK+6fzFR1Av3/cVyNxCvr QiGLW23ZvWwiui3UjP2ZgPhqSMu3V+bsDcbcu1698kQitPLp34VyqU7MJZyyMT4H NZh/wbPANZyi2i4O6i6KxA7zu/O7hfdxY75svCa8/YKe+4oK2j85QtkQhKlL7d1g lW7m2OU3wMeSfjvYnRgtt+Yubl4obHptD/oS1qy7sImq849eNyD7vVcS78vVRFh8 V7q6+2viEkkta/jpw5u7ELRrjIo6lprMd0rddaDzNMiKmzumR6zUqjxuIPGNnE1+ rQ7JLl0oRZvKFBKYPzE2oo1fG77K7qIBV2qATZ6QE9bGEhApnTqKen7x1UU0n6xK UO4IfETtsYwyKvlwb1FY3nfEF/0T3tDw/wLajSjTj7eZui1bbuwthIopdKYYUbLw vSsedvKfH5c3mL3u5lCJxwp8XUMioJ8Pw9yAZgxYI8a/cZOy0Cxix2ROgIcbIq8L WZ5++RMIEJ+B0GMa8RONTcD7WGAF8Ns1LyxOohAPWau2oEfsXr0= =VSGn -----END PGP SIGNATURE-----