[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ MDVSA-2015:059 ] nss



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:059
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : nss
 Date    : March 13, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in the Mozilla
 NSS and NSPR packages:
 
 The cert_TestHostName function in lib/certdb/certdb.c in the
 certificate-checking implementation in Mozilla Network Security
 Services (NSS) before 3.16 accepts a wildcard character that is
 embedded in an internationalized domain name's U-label, which might
 allow man-in-the-middle attackers to spoof SSL servers via a crafted
 certificate (CVE-2014-1492).
 
 Use-after-free vulnerability in the CERT_DestroyCertificate function
 in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used
 in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird
 before 24.7, allows remote attackers to execute arbitrary code via
 vectors that trigger certain improper removal of an NSSCertificate
 structure from a trust domain (CVE-2014-1544).
 
 Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x
 before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox
 before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before
 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2,
 Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124
 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does
 not properly parse ASN.1 values in X.509 certificates, which makes
 it easier for remote attackers to spoof RSA signatures via a crafted
 certificate, aka a signature malleability issue (CVE-2014-1568).
 
 The definite_length_decoder function in lib/util/quickder.c in
 Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x
 before 3.17.3 does not ensure that the DER encoding of an ASN.1
 length is properly formed, which allows remote attackers to conduct
 data-smuggling attacks by using a long byte sequence for an encoding,
 as demonstrated by the SEC_QuickDERDecodeItem function's improper
 handling of an arbitrary-length encoding of 0x00 (CVE-2014-1569).
 
 Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote
 attackers to execute arbitrary code or cause a denial of service
 (out-of-bounds write) via vectors involving the sprintf and console
 functions (CVE-2014-1545).
 
 The sqlite3 packages have been upgraded to the 3.8.6 version due to
 an prerequisite to nss-3.17.x.
 
 Additionally the rootcerts package has also been updated to the
 latest version as of 2014-11-17, which adds, removes, and distrusts
 several certificates.
 
 The updated packages provides a solution for these security issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.1_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.2_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.16.3_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.1_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.2_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.4_release_notes
 https://www.mozilla.org/en-US/security/advisories/mfsa2014-55/
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 2/X86_64:
 2aea53da7622f23ec03faa5605d9672c  mbs2/x86_64/lemon-3.8.6-1.mbs2.x86_64.rpm
 68cc94d4a95146583d8a6b2849759614  mbs2/x86_64/lib64nspr4-4.10.8-1.mbs2.x86_64.rpm
 a6ffe2ebe6de847b6227c8c4c2cb4ba4  mbs2/x86_64/lib64nspr-devel-4.10.8-1.mbs2.x86_64.rpm
 78ba63e6a21b897abac8e4b0e975470d  mbs2/x86_64/lib64nss3-3.17.4-1.mbs2.x86_64.rpm
 aacf8b1f144a7044e77abc5d0be72a7b  mbs2/x86_64/lib64nss-devel-3.17.4-1.mbs2.x86_64.rpm
 6afff220f7fa93dede0486b76155ae44  mbs2/x86_64/lib64nss-static-devel-3.17.4-1.mbs2.x86_64.rpm
 63ffb7675dc414a52a4647f5ed302e3c  mbs2/x86_64/lib64sqlite3_0-3.8.6-1.mbs2.x86_64.rpm
 cfefad1ef4f83cceeeb34a4f2ffca442  mbs2/x86_64/lib64sqlite3-devel-3.8.6-1.mbs2.x86_64.rpm
 e976251ee0ae5c2b2a2f6a163b693e85  mbs2/x86_64/lib64sqlite3-static-devel-3.8.6-1.mbs2.x86_64.rpm
 42018611a17d2b6480b63f0a968a796d  mbs2/x86_64/nss-3.17.4-1.mbs2.x86_64.rpm
 b955454c30e482635944134eb02456e4  mbs2/x86_64/nss-doc-3.17.4-1.mbs2.noarch.rpm
 3058267964146b7806c493ff536da63d  mbs2/x86_64/rootcerts-20141117.00-1.mbs2.x86_64.rpm
 18fc28f1ae18ddd5fe01acb77811d0e6  mbs2/x86_64/rootcerts-java-20141117.00-1.mbs2.x86_64.rpm
 200f6a413d13d850ea084a9e42c4fc23  mbs2/x86_64/sqlite3-tcl-3.8.6-1.mbs2.x86_64.rpm
 8c88a446098d21cf2675173e32a208e6  mbs2/x86_64/sqlite3-tools-3.8.6-1.mbs2.x86_64.rpm 
 2e494a940c3189617ff62bc15a2b14fb  mbs2/SRPMS/nspr-4.10.8-1.mbs2.src.rpm
 0a28d1c9c07909d488c7dabe92c47529  mbs2/SRPMS/nss-3.17.4-1.mbs2.src.rpm
 10dcc357bb0bbdc22e7dd308074d037b  mbs2/SRPMS/rootcerts-20141117.00-1.mbs2.src.rpm
 df412cc892bb40e1d7345079a25c0bbb  mbs2/SRPMS/sqlite3-3.8.6-1.mbs2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVAvuLmqjQ0CJFipgRArOfAKDn7F7m/ZnJATspmFD0k083yGXQJwCdHAzw
P1QqaGn3HFIH8gKR7XVcRAA=
=ZF+9
-----END PGP SIGNATURE-----