Bug 37045 – nss: Multiple issues (4.0)

Bug 37045 - nss: Multiple issues (4.0)


Summary:	nss: Multiple issues (4.0)

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 4.0
Hardware:	Other Linux

Importance:	P3 normal (vote)
Target Milestone:	UCS 4.0-3-errata
Assigned To:	Stefan Gohmann
QA Contact:	Philipp Hahn

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2014-11-26 13:01 CET by Moritz Muehlenhoff
Modified:	2017-10-26 13:54 CEST (History)
CC List:	3 users (show)

See Also:
What kind of report is it?:	---
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Flags:	requate: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Moritz Muehlenhoff

2014-11-26 13:01:26 CET

Use-after-free in certificate handling (CVE-2014-1544)

Comment 1 Moritz Muehlenhoff

2014-12-16 15:13:32 CET

ASN.1 DER decoding of lengths is too permissive (CVE-2014-1569)

Comment 2 Moritz Muehlenhoff

2015-02-04 08:55:48 CET

(In reply to Moritz Muehlenhoff from comment #0)
> Use-after-free in certificate handling (CVE-2014-1544)

This was fixed during the import of the Wheezy 7.8 point update in Bug 37511

Comment 3 Arvid Requate

2015-05-06 18:51:30 CEST

Fixed in upstream Debian package version 2:3.14.5-1+deb7u4

Comment 4 Stefan Gohmann

2015-08-29 00:28:22 CEST

One more has been fixed:
  * NSS incorrectly permits skipping of ServerKeyExchange (CVE-2015-2721)

YAML: 2015-08-29-nss.yaml

Comment 5 Philipp Hahn

2015-09-01 14:31:07 CEST

OK: 2015-08-29-nss.yaml
OK: announce-errata -V 2015-08-29-nss.yaml

OK: CVE-2014-1544 3.14.5-1+deb7u3 was already fixed in 4.0-1
FAIL: CVE-2014-1569 3.14.5-1+deb7u4 is also fixed
  $ repo_stat.py nss
  2:3.14.5-1+deb7u3 imported on 2015-02-02 12:26:38.803298
   Included in scope ucs4.0-1 for release tag 4.0-0-0 (71400)
  2:3.14.5-1+deb7u5 imported on 2015-08-29 00:01:00.301593
   Included in scope errata4.0-3 for release tag 4.0-0-0 (75315)

OK: CVE-2015-2721 3.14.5-1+deb7u5
OK: CVE-2015-2730 3.14.5-1+deb7u5
RFA: Please expand "nss" at least once to "Network Security Service" to help admins to distinguish this from "Name Service Switch" or other acronym expansions.

OK: aptitude install '?source-package(^nss$)'
OK: signutil
OK: chromium
OK: openjdk-7-jre-headless

Comment 6 Stefan Gohmann

2015-09-01 14:38:27 CEST

(In reply to Philipp Hahn from comment #5)
> FAIL: CVE-2014-1569 3.14.5-1+deb7u4 is also fixed

Added: r63376

Comment 7 Philipp Hahn

2015-09-01 16:54:16 CEST

OK: 2015-08-29-nss.yaml
OK: CVE-2014-1569

Comment 8 Janek Walkenhorst

2015-09-02 12:58:16 CEST

<http://errata.univention.de/ucs/4.0/301.html>