drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in NSS (Aktualisierung)
Name: |
Denial of Service in NSS (Aktualisierung) |
|
ID: |
USN-1540-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS |
|
Datum: |
Di, 21. August 2012, 14:45 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441 |
|
Applikationen: |
NSS |
|
Update von: |
Denial of Service in NSS |
|
Originalnachricht |
--===============0995020132670765058== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-MGId0Wcm+p9QY/3rLQhb"
--=-MGId0Wcm+p9QY/3rLQhb Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1540-2 August 21, 2012
nss vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
NSS could be made to crash if it opened a specially crafted certificate.
Software Description: - nss: Network Security Service library
Details:
USN-1540-1 fixed vulnerabilities in NSS. This update provides the corresponding updates for Ubuntu 12.04 LTS.
Original advisory details:
Kaspar Brand discovered a vulnerability in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. If the user were tricked into opening a specially crafted certificate, an attacker could possibly exploit this to cause a denial of service via application crash.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libnss3 3.13.1.with.ckbi.1.88-1ubuntu6.1
After a standard system update you need to restart any applications that use NSS, such as Evolution, to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1540-2 http://www.ubuntu.com/usn/usn-1540-1 CVE-2012-0441
Package Information: https://launchpad.net/ubuntu/+source/nss/3.13.1.with.ckbi.1.88-1ubuntu6.1
--ÖGId0Wcm+p9QY/3rLQhb Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQM3rGAAoJEGVp2FWnRL6TCuUQAJCSVB3Xsu3IRc5/yp/jv74H CIOybKDZB8SOIgcu2l46sU/BA29WOjTkKUNAIkz1FI10GZx9wrI00zQKEUmGzLkp qExYuk4bPPdq71Ea15NRBlsPx1YP7n9LB5t4BQ4xHZzDta8CbNto5X4R1kuhG4d3 p6yLF+mKpVN9MdnAeVxycXhXPyb71e41w1r+hVGq9Hw6T0KGSJysIwZUBav/SV71 402l7G7cc0WCvuIwwzHo3aZgaG8pwzbsSlNpBzjXtD0ziKQHArbqKlK25FQNaS7m xeS4xMtIZsxEQwUWSZ6tRIai4GzS/jPeuvrjoh0q5Y1n3tZusiRxF3sZ2dB8qjTn Hc4SWmn79aoRuFtjwzm/nId/bRtozJGXWLm2SI17E/W2nUUlz+eAAhMFOIHCk4UK x+PWnS1hb2l7c5FS853MvUyHwvn3W8+etxH1N1LKm5JDj6OWmVqCvk33YMbqcvh1 W6klkN8/gNsJOL+qnGskH1MFury5wKRjuzV6IUjQacuqY3Wx9UkjNSUFXuTxN8SU /CyFdx2VXK3vN5xsVoMw+y59R6nMdvjP5kOr7KxxyDnREtee9Y4wKSQ7UIwvEXpE dqjnZeFEGT1GL6Yv+JPMcndExOvBlgIzkr6NpsEcozEdR2irzpBKZdkHePxMYTow 0R0Yt9N18B/56+OGzJNh =O5js -----END PGP SIGNATURE-----
--=-MGId0Wcm+p9QY/3rLQhb--
--===============0995020132670765058== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0995020132670765058==--
|
|
|
|