ALT Linux Team

Package nss update in p7 on 2016-02-13

ALT-PU-2016-1104-1

Package nss updated to version 3.22.0-alt0.M70P.1 for branch p7 in task 158862.

Closed vulnerabilities

Published: 2016-01-19

BDU:2016-00136

Уязвимость программных платформ Jrockit и Java Platform, позволяющая нарушителю получить доступ на чтение данных или модифицировать данные

Severity: MEDIUM (4.0)
References:
Published: 2016-06-13

BDU:2016-01546

Уязвимость набора библиотек Network Security Services и браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

Severity: CRITICAL (9.3)
References:
Published: 2016-01-09
Modified: 2024-11-21

CVE-2015-7575

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.

Severity: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2016-06-13
Modified: 2024-11-21

CVE-2016-2834

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top