Univention Bugzilla – Bug 54197
nss: Multiple issues (5.0)
Last modified: 2021-12-08 17:17:20 CET
New Debian nss 2:3.42.1-1+deb10u4 fixes: This update addresses the following issue: * Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)
--- mirror/ftp/pool/main/n/nss/nss_3.42.1-1+deb10u3.dsc +++ apt/ucs_5.0-0-errata5.0-0/source/nss_3.42.1-1+deb10u4.dsc @@ -1,3 +1,8 @@ +2:3.42.1-1+deb10u4 [Wed, 01 Dec 2021 20:42:14 +0100] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * Ensure DER encoded signatures are within size limits (CVE-2021-43527) + 2:3.42.1-1+deb10u3 [Wed, 08 Jul 2020 20:37:58 +0200] Moritz Mühlenhoff <jmm@debian.org>: * CVE-2019-17006 CVE-2019-17023 CVE-2020-12399 CVE-2020-12402 <http://piuparts.knut.univention.de/5.0-0/#8946548568190563518>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-0] fddceadc28 Bug #54197: nss 2:3.42.1-1+deb10u4 doc/errata/staging/nss.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x165>