Ubuntu
nss package

nss 2:3.49.1-1ubuntu1.7 source package in Ubuntu

Changelog

nss (2:3.49.1-1ubuntu1.7) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of service through ChangeCipherSpec
    - debian/patches/CVE-2020-25648-1.patch: reject CCS when
      compatibility is not specify or if many CCS in a row in
      nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc,
      nss/lib/ssl/ssl3con.c and nss/lib/ssl/sslimpl.h.
    - debian/patches/CVE-2020-25648-2.patch: reject multiple CCS
      packages but allow the first one in
      nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc,
      nss/lib/ssl/ssl3con.c and nss/lib/ssl/sslimpl.h.
    - CVE-2020-25648

 -- David Fernandez Gonzalez <email address hidden>  Mon, 09 May 2022 15:35:11 +0200

Upload details

Uploaded by:
David Fernandez Gonzalez
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
nss_3.49.1.orig.tar.gz 72.9 MiB d9aa42e49e02bb0dc0a2f164604cfc718e11a2a06ddb266cd676376ac21b026e
nss_3.49.1-1ubuntu1.7.debian.tar.xz 197.7 KiB 79d4cc95c7a44690ff2cadba9f11d4b205acdbe4b11c875263c255bbcacd947a
nss_3.49.1-1ubuntu1.7.dsc 2.1 KiB a56bbf1d45b98458f6fab004b03d099d72364bb9d1652ff412f9659766341186

View changes file

Binary packages built by this source

libnss3: Network Security Service libraries

 This is a set of libraries designed to support cross-platform development
 of security-enabled client and server applications. It can support SSLv2
 and v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and
 other security standards.

libnss3-dbgsym: debug symbols for libnss3
libnss3-dev: Development files for the Network Security Service libraries

 This is a set of libraries designed to support cross-platform development
 of security-enabled client and server applications. It can support SSLv2
 and v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and
 other security standards.
 .
 Install this package if you wish to develop your own programs using the
 Network Security Service Libraries.

libnss3-tools: Network Security Service tools

 This is a set of tools on top of the Network Security Service libraries.
 This package includes:
  * certutil: manages certificate and key databases (cert7.db and key3.db)
  * modutil: manages the database of PKCS11 modules (secmod.db)
  * pk12util: imports/exports keys and certificates between the cert/key
    databases and files in PKCS12 format.
  * shlibsign: creates .chk files for use in FIPS mode.
  * signtool: creates digitally-signed jar archives containing files and/or
    code.
  * ssltap: proxy requests for an SSL server and display the contents of
    the messages exchanged between the client and server.

libnss3-tools-dbgsym: debug symbols for libnss3-tools