Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Ubuntu :: b1a-1377.htm

nss vulnerability



nss vulnerability
nss vulnerability




--=-evbeoT2MRnMfg8hEvKvV
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

==========================================================Ubuntu Security Notice USN-927-4              June 29, 2010
nss vulnerability
CVE-2009-3555
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  libnss3-1d                      3.12.6-0ubuntu0.8.04.1

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update provides
the corresponding updates for Ubuntu 8.04 LTS.

Original advisory details:

 Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
 protocols. If an attacker could perform a man in the middle attack at the
 start of a TLS connection, the attacker could inject arbitrary content at
 the beginning of the user's session. This update adds support for the new
 new renegotiation extension and will use it when the server supports it.


Updated packages for Ubuntu 8.04 LTS:

  Source archives:

http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.8.04.1.diff.gz 
      Size/MD5:    37346 6a94c48e52a5f2472f89c948c6121e87
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.8.04.1.dsc 
      Size/MD5:     1651 dac6db68fa9de3c92e12f272dc8526e5
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6.orig.tar.gz 
      Size/MD5:  5947630 da42596665f226de5eb3ecfc1ec57cd1

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_amd64.deb 
      Size/MD5:    18658 08036515d5ef96b7f2b20912085616bb
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_amd64.deb 
      Size/MD5:  3214690 7b7b6d770bbe831a6db15f3b075be48a
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_amd64.deb 
      Size/MD5:  1181818 75d3627ffc4f26c7e51a3c9d8e6d841a
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_amd64.deb 
      Size/MD5:   262768 7e1814225954057dc2df6226f822246f
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_amd64.deb 
      Size/MD5:   313888 98ac46a0e05fd5b8bc17741e37a06a32

  i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_i386.deb 
      Size/MD5:    18632 e6f8e62eb98c1385d85ca9cbe49a7257
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_i386.deb 
      Size/MD5:  3063554 40deebbe99b442e09452c2e6245b2f7b
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_i386.deb 
      Size/MD5:  1073332 2583f6e4d6ba5e29bee7123035e5c7b1
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_i386.deb 
      Size/MD5:   259996 4050c11d7aa41505102be2ebacb575d3
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_i386.deb 
      Size/MD5:   296448 55e5a681b812b6caf23c440b475f6fa1

  lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_lpia.deb 
      Size/MD5:    18626 337d03cb5e7441c778f01de6f67436bf
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_lpia.deb 
      Size/MD5:  3096098 20ea53d1c6c648d5bafca348d54b267e
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_lpia.deb 
      Size/MD5:  1050356 8fb5698de23d546dd5cad816af7f8a88
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_lpia.deb 
      Size/MD5:   258850 156f07acae47a5f0ac63acdf5038d44f
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_lpia.deb 
      Size/MD5:   293704 5b70600519c6130cf577c4f15f7f4350

  powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_powerpc.deb 
      Size/MD5:    21098 9cf7367deb2f2f1c52a3f07ad2e6695a
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_powerpc.deb 
      Size/MD5:  3179272 11c203af481503da1b1384ad7607d659
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_powerpc.deb 
      Size/MD5:  1179728 ff3634e2bddc7e23e7bc68eee1214950
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_powerpc.deb 
      Size/MD5:   261728 728c6e12354eed8bf813af0531dcd0ea
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_powerpc.deb 
      Size/MD5:   326690 6319e7b0a414fe476e932f8d9312d93e

  sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/n/nss/libnss3-0d_3.12.6-0ubuntu0.8.04.1_sparc.deb 
      Size/MD5:    18726 68631257ee138b336776c77793e3771a
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.8.04.1_sparc.deb 
      Size/MD5:  2887714 e36c0930f015a8470d08b42e322cf5ab
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.8.04.1_sparc.deb 
      Size/MD5:  1055104 6a8d5cdde08302883ddc8ee689a22ae4
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.8.04.1_sparc.deb 
      Size/MD5:   256862 7c44db799ed6df870989b547569f20b8
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.8.04.1_sparc.deb 
      Size/MD5:   301452 f88662f344801dbd5079740cdc970230




--=-evbeoT2MRnMfg8hEvKvV
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAkwqR5UACgkQW0JvuRdL8BobzgCbBK/wejpcr3XWnNVp/PHkSE8G
1rkAnRbtmQklo4RJoq0SPVIGgHQAno6n
=Ezda
-----END PGP SIGNATURE-----

--=-evbeoT2MRnMfg8hEvKvV--



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH