Univention Bugzilla – Bug 56779
nss: Multiple issues (5.0)
Last modified: 2023-11-02 14:54:02 CET
New Debian nss 2:3.42.1-1+deb10u7 fixes: This update addresses the following issues: 2:3.42.1-1+deb10u7 (Sat, 28 Oct 2023 11:58:15 +0100) * Non-maintainer upload by the LTS Security Team. * CVE-2020-25648: Tighten handling of CCS msgs in TLS 1.3 to avoid DoS. * CVE-2023-4421: Quieten PKCS#11 interface to avoid timing issues. - Pass --no-parallel to dh(1) and -j1 in override_dh_autobuild.
--- mirror/ftp/pool/main/n/nss/nss_3.42.1-1+deb10u6.dsc +++ apt/ucs_5.0-0-errata5.0-5/source/nss_3.42.1-1+deb10u7.dsc @@ -1,3 +1,10 @@ +2:3.42.1-1+deb10u7 [Sat, 28 Oct 2023 11:58:15 +0100] Sean Whitton <spwhitton@spwhitton.name>: + + * Non-maintainer upload by the LTS Security Team. + * CVE-2020-25648: Tighten handling of CCS msgs in TLS 1.3 to avoid DoS. + * CVE-2023-4421: Quieten PKCS#11 interface to avoid timing issues. + - Pass --no-parallel to dh(1) and -j1 in override_dh_autobuild. + 2:3.42.1-1+deb10u6 [Mon, 20 Feb 2023 14:50:05 +0100] Markus Koschany <apo@debian.org>: * Non-maintainer upload by the LTS team. <http://piuparts.knut.univention.de/5.0-5/#5482716343749685601>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-5] a53e9f0bc0 Bug #56779: nss 2:3.42.1-1+deb10u7 doc/errata/staging/nss.yaml | 2 -- 1 file changed, 2 deletions(-) [5.0-5] a4e815bf7b Bug #56779: nss 2:3.42.1-1+deb10u7 doc/errata/staging/nss.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x860>