Format: 1.8 Date: Wed, 12 Dec 2018 14:51:11 -0500 Source: nss Binary: libnss3 libnss3-tools libnss3-dev libnss3-dbg Architecture: i386 Version: 2:3.35-2ubuntu2.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libnss3 - Network Security Service libraries libnss3-dbg - Debugging symbols for the Network Security Service libraries libnss3-dev - Development files for the Network Security Service libraries libnss3-tools - Network Security Service tools Changes: nss (2:3.35-2ubuntu2.1) bionic-security; urgency=medium . * SECURITY UPDATE: side-channel attack on ECDSA signatures - debian/patches/CVE-2018-0495.patch: improve ecdsa and dsa in nss/lib/freebl/dsa.c, nss/lib/freebl/ec.c. - CVE-2018-0495 * SECURITY UPDATE: ServerHello.random is all zero in v2 ClientHello - debian/patches/CVE-2018-12384-1.patch: fix random logic in nss/lib/ssl/ssl3con.c. - debian/patches/CVE-2018-12384-2.patch: add tests to nss/gtests/ssl_gtest/ssl_loopback_unittest.cc, nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc. - CVE-2018-12384 * SECURITY UPDATE: cache side-channel variant of the Bleichenbacher attack - debian/patches/CVE-2018-12404-1.patch: improve RSA key exchange handling in nss/lib/ssl/ssl3con.c. - debian/patches/CVE-2018-12404-2.patch: improve padding checks in RSA_DecryptBlock in nss/gtests/freebl_gtest/rsa_unittest.cc, nss/lib/freebl/rsapkcs.c. - debian/patches/CVE-2018-12404-3.patch: add constant time mp_to_fixlen_octets in nss/gtests/freebl_gtest/mpi_unittest.cc, nss/lib/freebl/mpi/mpi.c, nss/lib/freebl/mpi/mpi.h. - CVE-2018-12404 Checksums-Sha1: 108d48f5ee6b1947480f623283c2f69309312fd5 7869620 libnss3-dbg_3.35-2ubuntu2.1_i386.deb 6e2d5b999e6b4874f5d182b0238946bbaec16740 230484 libnss3-dev_3.35-2ubuntu2.1_i386.deb 5640a880d8cea04e6fccb33b02719d1b92acc805 936108 libnss3-tools_3.35-2ubuntu2.1_i386.deb 13740c2b09df69a7b62ed15e9d64474ae0d7c878 1209028 libnss3_3.35-2ubuntu2.1_i386.deb d7791ca1bc8086acbd27d46e7eee1b63e10e93b5 5946 nss_3.35-2ubuntu2.1_i386.buildinfo Checksums-Sha256: 9d94a96a6a96d1746cc9cd71ebc2aa58d3b2320387e28a853b87226c159b7bb5 7869620 libnss3-dbg_3.35-2ubuntu2.1_i386.deb b4dfd042c016250540ccdac4cde07b40bdb2615055cf5725d1d869a9cc2660d7 230484 libnss3-dev_3.35-2ubuntu2.1_i386.deb 501b694b27167d642beb39a376ca0ea830c9bb63013ab4fb025883001281b569 936108 libnss3-tools_3.35-2ubuntu2.1_i386.deb 93d047af6b22d4898ed1457a6663aab87098e3f698ee49ded0b3c5b1686c6bbf 1209028 libnss3_3.35-2ubuntu2.1_i386.deb c830ac630d7223d084314bd10adbffe2bb4f652a61bb1a43f4e866d16b2e4cb9 5946 nss_3.35-2ubuntu2.1_i386.buildinfo Files: 6994f5c2b064925f7f401770a649f05a 7869620 debug extra libnss3-dbg_3.35-2ubuntu2.1_i386.deb 4c8eb0adcee08ff454075dffaf36b829 230484 libdevel optional libnss3-dev_3.35-2ubuntu2.1_i386.deb 0783129d0c7cbbe7e111f1c862dfebe7 936108 admin optional libnss3-tools_3.35-2ubuntu2.1_i386.deb 0af0f268e9aecdffc97f53e7e67524d8 1209028 libs optional libnss3_3.35-2ubuntu2.1_i386.deb 09f59a2ac5ae95155358a5905aeca6e0 5946 libs optional nss_3.35-2ubuntu2.1_i386.buildinfo Original-Maintainer: Maintainers of Mozilla-related packages