Univention Bugzilla – Bug 52190
nss: Multiple issues (4.4)
Last modified: 2020-10-07 14:32:07 CEST
New Debian nss 2:3.26.2-1.1+deb9u2 fixes:

This update addresses the following issue(s):
* Cache side-channel variant of the Bleichenbacher attack (CVE-2018-12404)
* NULL pointer dereference in several CMS functions resulting in a denial of service (CVE-2018-18508)
* Out-of-bounds read when importing curve25519 private key (CVE-2019-11719)
* Empty or malformed p256-ECDH public keys may trigger a segmentation fault (CVE-2019-11729)
* Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)
* Check length of inputs for cryptographic primitives (CVE-2019-17006)
* Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS. (CVE-2019-17007)
* Side channel attack on ECDSA signature generation (CVE-2020-6829)
* Timing attack on DSA signature generation (CVE-2020-12399)
* P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)
* ECDSA timing attack mitigation bypass (CVE-2020-12401)
* Side channel vulnerabilities during RSA key generation (CVE-2020-12402)
* CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/nss_3.26.2-1.1+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-6/source/nss_3.26.2-1.1+deb9u2.dsc @@ -1,3 +1,29 @@ +2:3.26.2-1.1+deb9u2 [Tue, 29 Sep 2020 16:33:20 +0300] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2018-12404: Cache side-channel variant of the + Bleichenbacher attack. + * CVE-2018-18508: NULL pointer dereference in several CMS functions + resulting in a denial of service. + * CVE-2019-11719: Out-of-bounds read when importing curve25519 + private key. + * CVE-2019-11729: Empty or malformed p256-ECDH public keys may + trigger a segmentation fault. + * CVE-2019-11745: Out-of-bounds write when encrypting with + a block cipher. + * CVE-2019-17006: Some cryptographic primitives did not check the + length of the input text, potentially resulting in overflows. + * CVE-2019-17007: Handling of Netscape Certificate Sequences + may crash with a NULL deref leading to a denial of service. + * CVE-2020-12399: Force a fixed length for DSA exponentiation. + * CVE-2020-6829, CVE-2020-12400: Side channel attack on ECDSA + signature generation. + * CVE-2020-12401: ECDSA timing attack mitigation bypass. + * CVE-2020-12402: Side channel vulnerabilities during + RSA key generation. + * CVE-2020-12403: CHACHA20-POLY1305 decryption with undersized tag + leads to out-of-bounds read. + 2:3.26.2-1.1+deb9u1 [Sat, 07 Oct 2017 17:32:51 +0200] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://10.200.17.11/4.4-6/#1237137892644933711>
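Review bot: in the added 2:3.26.2-1.1+deb9u2 changelog entry, the CVE-2020-12399 line ("Force a fixed length for DSA exponentiation") states the fix, while every other line in the entry states the vulnerability, so someone scanning the changelog cannot tell from that line that it closes a timing attack on DSA signature generation. The combined line for CVE-2020-6829 and CVE-2020-12400 also gives only "Side channel attack on ECDSA signature generation" and drops the P-384 and P-521 modular inversion detail that the erratum text attaches to CVE-2020-12400. Suggest wording both lines as issue descriptions that match the erratum text, so the changelog and the advisory can be cross-checked CVE by CVE.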
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-6] 0cbd7c56eb Bug #52190: nss 2:3.26.2-1.1+deb9u2
 doc/errata/staging/nss.yaml | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x760>