drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in NSS
| Name: |
Denial of Service in NSS |
|
| ID: |
USN-1540-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.04, Ubuntu 11.10 |
|
| Datum: |
Do, 16. August 2012, 22:36 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441 |
|
| Applikationen: |
NSS |
|
Originalnachricht |
--===============0950502460772082438==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-3PI0/XMPvSoJmEyE9b+2"
--=-3PI0/XMPvSoJmEyE9b+2
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1540-1
August 16, 2012
nss vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS
Summary:
NSS could be made to crash if it opened a specially crafted certificate.
Software Description:
- nss: Network Security Service library
Details:
Kaspar Brand discovered a vulnerability in how the Network Security
Services (NSS) ASN.1 decoder handles zero length items. If the user were
tricked into opening a specially crafted certificate, an attacker could
possibly exploit this to cause a denial of service via application crash.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
libnss3-1d 3.12.9+ckbi-1.82-0ubuntu6.1
Ubuntu 11.04:
libnss3-1d 3.12.9+ckbi-1.82-0ubuntu2.2
Ubuntu 10.04 LTS:
libnss3-1d 3.12.9+ckbi-1.82-0ubuntu0.10.04.4
After a standard system update you need to restart any applications that
use NSS, such as Evolution, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1540-1
CVE-2012-0441
Package Information:
https://launchpad.net/ubuntu/+source/nss/3.12.9+ckbi-1.82-0ubuntu6.1
https://launchpad.net/ubuntu/+source/nss/3.12.9+ckbi-1.82-0ubuntu2.2
https://launchpad.net/ubuntu/+source/nss/3.12.9+ckbi-1.82-0ubuntu0.10.04.4
--ÓPI0/XMPvSoJmEyE9b+2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQLSsnAAoJEGVp2FWnRL6T8NAP/0ESpTC0H4e6P53nqs4fJCxv
FAnmG1t1SZW18lYShSJfypmZ8fcPugNqXJodL7BwzCGZ+slJu72VJM71jRyDnUs4
0RAgWd0ChU2Kvw1RplLLkZ1he9gVKfEM1uor0HXbfLqAOs7iyxq43ZzNSqx4eJJR
6OQwu662G8dZDDhTNGGChRHj8DwoyBgLEfdaJF6Qn3GdkaQA40EOoA5TkIeniGaT
EBHzwsU0es0otk4etYyWthempGOJ6Ou7JnMMHyFAbLkmx+0XGd5kL++KkaSsygI1
WW4kyQR+01HYsioBVUpsE+yJi0NdVIWRZlrs5xiwQniwzjdt4R2v5W51kkhVc/Nc
DyqUPfGvOh6GGyyZENu4SmnxSn9sRAywfQfn7NisclCmYbIEtrTUJKyalWMs7oZM
44EBqeMCcDRpfMVqBPP/tJ3nnZU1Ht8p0bB1thDvz3+JD1cF5S0cKUvK9YjGmkKR
VehX2nrU7C78XfnF36mO4/ayERxSDfLzV5fPjbmRtm+r7dzj5fMdkdzgE2mIRCCk
TaNeotuuv5cEvKsmmM6QXjXQQDT5sM4gm9PP3DQU7kiyDB7Kql7of4SKgj8g6vvx
PM+rcon0j41FRRze66bBxdDcZFtzhqgBLRISJ6s8+Bb/iLVD02BUMop+L0LByUjk
1/1tl7aR9eYmPE/9YFpb
=3oFk
-----END PGP SIGNATURE-----
--=-3PI0/XMPvSoJmEyE9b+2--
--===============0950502460772082438==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0950502460772082438==--
|
|
|
|
