drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in NSS
Name: |
Denial of Service in NSS |
|
ID: |
USN-1540-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.04, Ubuntu 11.10 |
|
Datum: |
Do, 16. August 2012, 22:36 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441 |
|
Applikationen: |
NSS |
|
Originalnachricht |
--===============0950502460772082438== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-3PI0/XMPvSoJmEyE9b+2"
--=-3PI0/XMPvSoJmEyE9b+2 Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1540-1 August 16, 2012
nss vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS
Summary:
NSS could be made to crash if it opened a specially crafted certificate.
Software Description: - nss: Network Security Service library
Details:
Kaspar Brand discovered a vulnerability in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. If the user were tricked into opening a specially crafted certificate, an attacker could possibly exploit this to cause a denial of service via application crash.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: libnss3-1d 3.12.9+ckbi-1.82-0ubuntu6.1
Ubuntu 11.04: libnss3-1d 3.12.9+ckbi-1.82-0ubuntu2.2
Ubuntu 10.04 LTS: libnss3-1d 3.12.9+ckbi-1.82-0ubuntu0.10.04.4
After a standard system update you need to restart any applications that use NSS, such as Evolution, to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1540-1 CVE-2012-0441
Package Information: https://launchpad.net/ubuntu/+source/nss/3.12.9+ckbi-1.82-0ubuntu6.1 https://launchpad.net/ubuntu/+source/nss/3.12.9+ckbi-1.82-0ubuntu2.2 https://launchpad.net/ubuntu/+source/nss/3.12.9+ckbi-1.82-0ubuntu0.10.04.4
--ÓPI0/XMPvSoJmEyE9b+2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQLSsnAAoJEGVp2FWnRL6T8NAP/0ESpTC0H4e6P53nqs4fJCxv FAnmG1t1SZW18lYShSJfypmZ8fcPugNqXJodL7BwzCGZ+slJu72VJM71jRyDnUs4 0RAgWd0ChU2Kvw1RplLLkZ1he9gVKfEM1uor0HXbfLqAOs7iyxq43ZzNSqx4eJJR 6OQwu662G8dZDDhTNGGChRHj8DwoyBgLEfdaJF6Qn3GdkaQA40EOoA5TkIeniGaT EBHzwsU0es0otk4etYyWthempGOJ6Ou7JnMMHyFAbLkmx+0XGd5kL++KkaSsygI1 WW4kyQR+01HYsioBVUpsE+yJi0NdVIWRZlrs5xiwQniwzjdt4R2v5W51kkhVc/Nc DyqUPfGvOh6GGyyZENu4SmnxSn9sRAywfQfn7NisclCmYbIEtrTUJKyalWMs7oZM 44EBqeMCcDRpfMVqBPP/tJ3nnZU1Ht8p0bB1thDvz3+JD1cF5S0cKUvK9YjGmkKR VehX2nrU7C78XfnF36mO4/ayERxSDfLzV5fPjbmRtm+r7dzj5fMdkdzgE2mIRCCk TaNeotuuv5cEvKsmmM6QXjXQQDT5sM4gm9PP3DQU7kiyDB7Kql7of4SKgj8g6vvx PM+rcon0j41FRRze66bBxdDcZFtzhqgBLRISJ6s8+Bb/iLVD02BUMop+L0LByUjk 1/1tl7aR9eYmPE/9YFpb =3oFk -----END PGP SIGNATURE-----
--=-3PI0/XMPvSoJmEyE9b+2--
--===============0950502460772082438== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0950502460772082438==--
|
|
|
|