nss 2:3.28.4-0ubuntu0.14.04.2 source package in Ubuntu
Changelog
nss (2:3.28.4-0ubuntu0.14.04.2) trusty-security; urgency=medium
* SECURITY UPDATE: DoS via empty SSLv2 messages
- debian/patches/CVE-2017-7502.patch: reject broken v2 records in
nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
- CVE-2017-7502
-- Marc Deslauriers <email address hidden> Fri, 16 Jun 2017 08:14:11 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| nss_3.28.4.orig.tar.gz | 7.1 MiB | d5d4761778b8d4c378b2174c9e13e7abd20a6961f557d4fcc029af723ffd7189 |
| nss_3.28.4-0ubuntu0.14.04.2.debian.tar.gz | 31.9 KiB | 37865cf0c223e9646b6c0d05b7c06a90489f3dc047948caba6ac48db2280f617 |
| nss_3.28.4-0ubuntu0.14.04.2.dsc | 2.3 KiB | 6bba39b70f99661161eaabd57ee58bd1e996b965368fddd83d43792c60d54d56 |
Available diffs
Binary packages built by this source
- libnss3: Network Security Service libraries
This is a set of libraries designed to support cross-platform development
of security-enabled client and server applications. It can support SSLv2
and v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and
other security standards.
- libnss3-1d: Network Security Service libraries - transitional package
This is a transitional package to ensure smooth transition of all packages
to libnss3.
- libnss3-dbg: Debugging symbols for the Network Security Service libraries
This is a set of libraries designed to support cross-platform development
of security-enabled client and server applications. It can support SSLv2
and v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and
other security standards.
.
This package provides the debugging symbols for the library.
- libnss3-dbgsym: debug symbols for package libnss3
This is a set of libraries designed to support cross-platform development
of security-enabled client and server applications. It can support SSLv2
and v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and
other security standards.
- libnss3-dev: Development files for the Network Security Service libraries
This is a set of libraries designed to support cross-platform development
of security-enabled client and server applications. It can support SSLv2
and v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and
other security standards.
.
Install this package if you wish to develop your own programs using the
Network Security Service Libraries.
- libnss3-nssdb: Network Security Security libraries - shared databases
This package includes shared certificate and key databases.
- libnss3-tools: Network Security Service tools
This is a set of tools on top of the Network Security Service libraries.
This package includes:
* certutil: manages certificate and key databases (cert7.db and key3.db)
* modutil: manages the database of PKCS11 modules (secmod.db)
* pk12util: imports/exports keys and certificates between the cert/key
databases and files in PKCS12 format.
* shlibsign: creates .chk files for use in FIPS mode.
* signtool: creates digitally-signed jar archives containing files and/or
code.
* ssltap: proxy requests for an SSL server and display the contents of
the messages exchanged between the client and server.
- libnss3-tools-dbgsym: debug symbols for package libnss3-tools
This is a set of tools on top of the Network Security Service libraries.
This package includes:
* certutil: manages certificate and key databases (cert7.db and key3.db)
* modutil: manages the database of PKCS11 modules (secmod.db)
* pk12util: imports/exports keys and certificates between the cert/key
databases and files in PKCS12 format.
* shlibsign: creates .chk files for use in FIPS mode.
* signtool: creates digitally-signed jar archives containing files and/or
code.
* ssltap: proxy requests for an SSL server and display the contents of
the messages exchanged between the client and server.
