You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa nss

Sigurnosni nedostatak programskog paketa nss

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-3186-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
March 13, 2015 http://www.debian.org/security/faq
– ————————————————————————-

Package : nss
CVE ID : CVE-2014-1569
Debian Bug : 773625

It was discovered that the Mozilla Network Security Service library
(nss) incorrectly handled certain ASN.1 lengths. A remote attacker could
possibly use this issue to perform a data-smuggling attack.

For the stable distribution (wheezy), this problem has been fixed in
version 2:3.14.5-1+deb7u4.

For the upcoming stable distribution (jessie), this problem has been
fixed in version 2:3.17.2-1.1.

For the unstable distribution (sid), this problem has been fixed in
version 2:3.17.2-1.1.

We recommend that you upgrade your nss packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJVApw+AAoJEAVMuPMTQ89Er54P/2hTUEoZIWoQtGbQRwjsLLeJ
jrVGylGUW/Ks4js4//tqlJrnjtVpQ7JUW+Waja1+/T72vTcZnKCAvAfpevNRuRe6
83SIOwOdfLFzW/6YJf/Y8YWfoeC/I3R8m1z/s7FKAuM5fLgGJlcdgbgTCQAzaKNg
7oQR1rF3ve960ISvtDxwgrbAyAS8GSTmePSmOggNv8eTZygSfn/3fkaj9XBGOqzH
/vsMM3qXcnkVt1/gDhuGikPZK58oz3tf0RvysiBhQX/JEniijeS8AWMsnElzttEd
8ouWnJeyUUgJWkBh2ktajVbSOBQVMgiHqA0rnjGLbi6SNq8TAS2vGqW2Mybjff4S
tqZIgiw45Wq2nfyKIRLWVByORotcrkxQI31XfUGw1MGh03wezCW7+fyEhblnKb8h
d8DK0InZrUUhNQ2cOPAf3jSk5jYtnvqRlZ+xxLZ6pFwNv118i73E3cQuKDMlloAB
RcLQWnBneTKaVv6b9Aah7C1WuyyuF7ls9gB5x11CTyCgOTKnepLNZMdS6/0zoXqA
I5WyvLXNIkgW2BrIhl+RT25dfO7thXUg/RVbNbDSFiN2yVobSeOh5ltiSol6QiSP
tTDZQFjPFWou48YTSHa/UtgZ7/+nfsaVlpHnSesKS5aewZKFFoXs4rhToAOvwGL3
7Vu/rlXNeyzOp2/JS4In
=AHyV
—–END PGP SIGNATURE—–


To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of “unsubscribe”. Trouble? Contact listmaster@lists.debian.org
Archive: https://lists.debian.org/E1YWKl6-0002Qx-K6@master.debian.org

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa Adobe Flash Player

Otkriveni su sigurnosni nedostaci u programskom paketu Adobe Flash Player. Otkrivene ranjivosti posljedica su narušavanja integriteta radne memorije, pristupa prethodno...

Close