Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Debian: DLA-1704-1 Moderate: NSS Denial Of Service And Cache Issues

debian lts
Calendar Grey March 5, 2019
Dist Debian Esm H88
Package : nss Version : 2:3.26-1+debu8u4 CVE ID : CVE-2018-12404 CVE-2018-18508 Debian Bug : 921614
Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library

Summary

CVE-2018-12404

Cache side-channel variant of the Bleichenbacher attack

CVE-2018-18508

NULL pointer dereference in several CMS functions resulting in a
denial of service

For Debian 8 "Jessie", these problems have been fixed in version
2:3.26-1+debu8u4.

We recommend that you upgrade your nss packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
important
Lowest
Low
Medium
High
Critical

<pre><font face="Courier">Package: nss
Version: 2:3.26-1+debu8u4
CVE ID: CVE-2018-12404 CVE-2018-18508
Debian Bug: 921614

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.