Sicherheit: Preisgabe von Informationen in NSS

Lesezeichen hinzufügen

--===============5126313955844714292==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="wac7ysb48OaltWcw"
Content-Disposition: inline

--wac7ysb48OaltWcw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4476-1
August 27, 2020

nss vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM

Summary:

NSS could be made to expose sensitive information if it received a specially
crafted
input.

Software Description:
- nss: Network Security Service library

Details:

It was discovered that NSS incorrectly handled some inputs.
An attacker could possibly use this issue to expose sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
libnss3 2:3.49.1-1ubuntu1.5

Ubuntu 18.04 LTS:
libnss3 2:3.35-2ubuntu2.12

Ubuntu 16.04 LTS:
libnss3 2:3.28.4-0ubuntu0.16.04.14

Ubuntu 14.04 ESM:
libnss3 2:3.28.4-0ubuntu0.14.04.5+esm8

Ubuntu 12.04 ESM:
libnss3 2:3.28.4-0ubuntu0.12.04.11

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/4476-1
CVE-2020-12403

Package Information:
https://launchpad.net/ubuntu/+source/nss/2:3.49.1-1ubuntu1.5
https://launchpad.net/ubuntu/+source/nss/2:3.35-2ubuntu2.12
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.14

--wac7ysb48OaltWcw
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl9H8IAACgkQRbznW4QL
H2kJFA//eXxhPt0c0nniTvY6HZf8HVRJXKz9Swb5e1mnabwNAJJg387sprLMMCX/
AezrpdXix4Ik+FNiigPg9B3u8pLz0oH5OpaRm1h4KrSXN04z/62cqH95Ayw+CUxK
SszJS6y9rmd/wSqYPcQc+1bSjy9ylMP0kJ3EbWFWh92gH8zOln3R0vrv+/GtJO82
9G20sa774NjvF58noGfbTOEruCp/USiHZiRYkXF4uJPQuqANDE16qvLZC9uQdhAm
Ok7uF9Qf8yMG3AP40aTzBjiu1aGF9p9iFmY1GqIVYXiplX1UG0FMoWvW7jtD4cfv
wT2wZKGWcBfh9fiVdTpecqJy8qH9gPR9Dv2rANuFHNDV3lG0aVros9/nfZ6aMCj2
DYfHLN/HxQQ86/d2p3ax6Y4C83dfx/8Uq86OUTH0IUAH166OTjtRHrJLUqlF4zuh
pajTOKFbYUEnH4Q9PWlr97IQTFfLsnwvbNyj+FZFYPoFY5PQcdbFvu6Sl3BZSFvs
J5Oev2LLyKwIYnui4IaSBf0f5KlIA1ZLV/kTvX5bsjDExI7LVYMu38JlT/i7wYwJ
1J5PRG+WbTFOn/v5RSbsKjQLrK9H8cfRYqHCDP+SojrSj42YVQEo6Mow5p5XMa/k
N/FR4sULR63bzN7pCWtlclFDqTuUfoNXcll2BCci9mpq7IVh3GQ=
=eCbS
-----END PGP SIGNATURE-----

--wac7ysb48OaltWcw--

--===============5126313955844714292==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce