[ubuntu/xenial-security] nss 2:3.28.4-0ubuntu0.16.04.6 (Accepted)

Tue, 16 Jul 2019 05:06:34 -0700 

nss (2:3.28.4-0ubuntu0.16.04.6) xenial-security; urgency=medium

  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - CVE-2019-11729

Date: 2019-07-12 12:57:13.868666+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.6

Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to