Format: 1.8
Date: Tue, 29 Sep 2020 16:33:20 +0300
Source: nss
Binary: libnss3 libnss3-tools libnss3-dev libnss3-dbg
Architecture: source
Version: 2:3.26.2-1.1+deb9u2
Distribution: stretch-security
Urgency: medium
Maintainer: Maintainers of Mozilla-related packages <pkg-mozilla-maintainers@lists.alioth.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Description:
 libnss3 - Network Security Service libraries
 libnss3-dbg - Debugging symbols for the Network Security Service libraries
 libnss3-dev - Development files for the Network Security Service libraries
 libnss3-tools - Network Security Service tools
Changes:
 nss (2:3.26.2-1.1+deb9u2) stretch-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2018-12404: Cache side-channel variant of the Bleichenbacher attack.
   * CVE-2018-18508: NULL pointer dereference in several CMS functions resulting in a denial of service.
   * CVE-2019-11719: Out-of-bounds read when importing curve25519 private key.
   * CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault.
   * CVE-2019-11745: Out-of-bounds write when encrypting with a block cipher.
   * CVE-2019-17006: Some cryptographic primitives did not check the length of the input text, potentially resulting in overflows.
   * CVE-2019-17007: Handling of Netscape Certificate Sequences may crash with a NULL deref leading to a denial of service.
   * CVE-2020-12399: Force a fixed length for DSA exponentiation.
   * CVE-2020-6829, CVE-2020-12400: Side channel attack on ECDSA signature generation.
   * CVE-2020-12401: ECDSA timing attack mitigation bypass.
   * CVE-2020-12402: Side channel vulnerabilities during RSA key generation.
   * CVE-2020-12403: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read.
Checksums-Sha1:
 f583344d50e7b18e77334a02a284c6250a4ef808 2276 nss_3.26.2-1.1+deb9u2.dsc
 40c178e9aa416b76c169a1f425d4852d56fa1232 7388390 nss_3.26.2.orig.tar.gz
 963b2c84b96aadb627553e4c03317644f79be929 249836 nss_3.26.2-1.1+deb9u2.debian.tar.xz
Checksums-Sha256:
 84a4159632a2a585a85313a3a474e393672593aa45fb4025bd198e5cc30e68cf 2276 nss_3.26.2-1.1+deb9u2.dsc
 13a40a2f97edf5fab3d4c7fdd928e77df36dc539cd8354b6b5d79ab93a131a5a 7388390 nss_3.26.2.orig.tar.gz
 7f0a5199349c5b1b8e961b6aa14530c31715126a6cac8eaeb3675fd20796a374 249836 nss_3.26.2-1.1+deb9u2.debian.tar.xz
Files:
 046708f5fae1abe2a8b0372fe506676c 2276 libs optional nss_3.26.2-1.1+deb9u2.dsc
 643b46c81a1235a81459d853a084e401 7388390 libs optional nss_3.26.2.orig.tar.gz
 640f8cfc78fc736cb9f83d367bcbda6b 249836 libs optional nss_3.26.2-1.1+deb9u2.debian.tar.xz