Bug 41329 – nss: Multiple issues (4.1)

Bug 41329 - nss: Multiple issues (4.1)


Summary:	nss: Multiple issues (4.1)

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 4.1
Hardware:	Other Linux

Importance:	P2 normal (vote)
Target Milestone:	UCS 4.1-3-errata
Assigned To:	Janek Walkenhorst
QA Contact:	Arvid Requate

URL:
Keywords:

Depends on:
Blocks:	39787
	Show dependency tree / graph

Reported:	2016-05-23 19:14 CEST by Arvid Requate
Modified:	2016-09-21 21:27 CEST (History)
CC List:	2 users (show)

See Also:
What kind of report is it?:	Security Issue
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):	Security
Max CVSS v3 score:

Flags:	requate: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Arvid Requate

2016-05-23 19:14:34 CEST

Upstream Debian package version 2:3.14.5-1+deb7u6 fixes these issues:

* The sec_asn1d_parse_leaf function improperly restricts access to an unspecified data structure (CVE-2015-7181)

* Heap-based buffer overflow in the ASN.1 decoder (CVE-2015-7182)

* The s_mp_div function in lib/freebl/mpi/mpi.c in improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms (CVE-2016-1938)

* Heap-based buffer overflow allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate (CVE-2016-1950)

* Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption (CVE-2016-1978)

* Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndReturnKey function allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted key data with DER encoding (CVE-2016-1979)

Comment 1 Arvid Requate

2016-06-07 20:19:28 CEST

Upstream Debian package version 2:3.14.5-1+deb7u7 fixes this issue:

A vulnerability has been found in the Mozilla Network Security Service (nss):

CVE-2015-4000

 With TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is
 enabled on a server but not on a client, does not properly convey
 a DHE_EXPORT choice, which allows man-in-the-middle attackers to
 conduct cipher-downgrade attacks by rewriting a ClientHello with
 DHE replaced by DHE_EXPORT and then rewriting a ServerHello with
 DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

The solution in nss was to not accept bit lengths less than 1024.
This may potentially be a backwards incompatibility issue but such
low bit lengths should not be in use so it was deemed acceptable.

Comment 2 Arvid Requate

2016-06-27 12:09:03 CEST

Upstream Debian package version 2:3.14.5-1+deb7u8 fixes this aditional issue:

* Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. (CVE-2016-2834)

Comment 3 Janek Walkenhorst

2016-08-26 13:04:42 CEST

Tests (i386): OK
Advisory: nss.yaml

Comment 4 Arvid Requate

2016-09-05 17:56:04 CEST

Verified:
* 3.14.5-1+deb7u8 imported and built
* No UCS patches
* Package update Ok (amd64) (tested with univention-java)
* Advisory Ok

Comment 5 Janek Walkenhorst

2016-09-07 18:41:41 CEST

<http://errata.software-univention.de/ucs/4.1/256.html>