drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in NSS (Aktualisierung)
| Name: |
Denial of Service in NSS (Aktualisierung) |
|
| ID: |
USN-1540-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 LTS |
|
| Datum: |
Di, 21. August 2012, 14:45 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441 |
|
| Applikationen: |
NSS |
|
| Update von: |
Denial of Service in NSS |
|
Originalnachricht |
--===============0995020132670765058==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-MGId0Wcm+p9QY/3rLQhb"
--=-MGId0Wcm+p9QY/3rLQhb
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1540-2
August 21, 2012
nss vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
NSS could be made to crash if it opened a specially crafted certificate.
Software Description:
- nss: Network Security Service library
Details:
USN-1540-1 fixed vulnerabilities in NSS. This update provides the
corresponding updates for Ubuntu 12.04 LTS.
Original advisory details:
Kaspar Brand discovered a vulnerability in how the Network Security
Services (NSS) ASN.1 decoder handles zero length items. If the user were
tricked into opening a specially crafted certificate, an attacker could
possibly exploit this to cause a denial of service via application crash.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
libnss3 3.13.1.with.ckbi.1.88-1ubuntu6.1
After a standard system update you need to restart any applications that
use NSS, such as Evolution, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1540-2
http://www.ubuntu.com/usn/usn-1540-1
CVE-2012-0441
Package Information:
https://launchpad.net/ubuntu/+source/nss/3.13.1.with.ckbi.1.88-1ubuntu6.1
--ÖGId0Wcm+p9QY/3rLQhb
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQM3rGAAoJEGVp2FWnRL6TCuUQAJCSVB3Xsu3IRc5/yp/jv74H
CIOybKDZB8SOIgcu2l46sU/BA29WOjTkKUNAIkz1FI10GZx9wrI00zQKEUmGzLkp
qExYuk4bPPdq71Ea15NRBlsPx1YP7n9LB5t4BQ4xHZzDta8CbNto5X4R1kuhG4d3
p6yLF+mKpVN9MdnAeVxycXhXPyb71e41w1r+hVGq9Hw6T0KGSJysIwZUBav/SV71
402l7G7cc0WCvuIwwzHo3aZgaG8pwzbsSlNpBzjXtD0ziKQHArbqKlK25FQNaS7m
xeS4xMtIZsxEQwUWSZ6tRIai4GzS/jPeuvrjoh0q5Y1n3tZusiRxF3sZ2dB8qjTn
Hc4SWmn79aoRuFtjwzm/nId/bRtozJGXWLm2SI17E/W2nUUlz+eAAhMFOIHCk4UK
x+PWnS1hb2l7c5FS853MvUyHwvn3W8+etxH1N1LKm5JDj6OWmVqCvk33YMbqcvh1
W6klkN8/gNsJOL+qnGskH1MFury5wKRjuzV6IUjQacuqY3Wx9UkjNSUFXuTxN8SU
/CyFdx2VXK3vN5xsVoMw+y59R6nMdvjP5kOr7KxxyDnREtee9Y4wKSQ7UIwvEXpE
dqjnZeFEGT1GL6Yv+JPMcndExOvBlgIzkr6NpsEcozEdR2irzpBKZdkHePxMYTow
0R0Yt9N18B/56+OGzJNh
=O5js
-----END PGP SIGNATURE-----
--=-MGId0Wcm+p9QY/3rLQhb--
--===============0995020132670765058==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0995020132670765058==--
|
|
|
|
