Univention Bugzilla – Bug 39788
nss: Multiple issues (3.2)
Last modified: 2019-04-11 19:24:19 CEST
+++ This bug was initially created as a clone of Bug #39787 +++ The following security issues have been identified in the Network Security Service (nss): * ASan: use-after-poison in sec_asn1d_parse_leaf function (CVE-2015-7181) * ASN.1 decoder heap overflow when decoding constructed OCTET STRING (CVE-2015-7182)
These are already fixed upstream in version 3.12.8-1+squeeze12: * NSS incorrectly permits skipping of ServerKeyExchange (CVE-2015-2721) * ECDSA signature validation fails to handle some signatures correctly (CVE-2015-2730) (That hadn't been cloned from Bug 37045 yet).
* MD5 Downgrade in TLS 1.2 Signatures (CVE-2015-7575)
3.12.8-1+squeeze13 fixes CVE-2015-7181 CVE-2015-7182 And there is a new issue: * The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function (CVE-2016-1938)
3.12.8-1+squeeze14 fixes CVE-2016-1938
UCS 3.2 is out of maintenance.