Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200610-06
https://security.gentoo.org/
Severity: Normal
Title: Mozilla Network Security Service (NSS): RSA signature
forgery
Date: October 17, 2006
Bugs: #148283
ID: 200610-06
Synopsis
=======
NSS fails to properly validate PKCS #1 v1.5 signatures.
Background
=========
The Mozilla Network Security Service is a library implementing security
features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12,
S/MIME and X.509 certificates.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/nss < 3.11.3 >= 3.11.3
==========
Daniel Bleichenbacher discovered that it might be possible to forge
signature...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.