[SECURITY] [DLA 89-1] nss security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : nss
Version : 3.12.8-1+squeeze10
CVE ID : CVE-2014-1544
In nss, a set of libraries designed to support cross-platform development
of security-enabled client and server applications, Tyson Smith and Jesse
Schwartzentruber discovered a use-after-free vulnerability that allows
remote attackers to execute arbitrary code by triggering the improper
removal of an NSSCertificate structure from a trust domain.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQJ8BAEBCgBmBQJUcL47XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHFCgP/iFuu//lrsSJksYX+8E4r1wZ
yXMIdBUBGC2TApjt+jM3PDR+WkXftoeyQA7kvWtCoXMC95dGENnVZymugVeCoXw4
MlNohKS3rj2/V8GsSrVfEleF4LJVVzjc7FC00ih1BlDxwa97CoIqt0l9K4d7WoMB
CMo9s5yrgBkV4MGtcxhMU7fd9++4A+3p+6Jab6fwaPv8pGmXJI1nbyo/dVf/+U3J
JsZLgH5iATAeQyHihhSCZUdvCqYsR3w+2a+tfLnsVy47aO+DSr47mtGq2BvDeBvS
pot3X8o3XlswwJcOzwg/sMaDPycCokKhHRAYYXy501xHHEDgJm/KfILO+U32Tg2E
o+2Ssayw8By24uwLgPvkQWWsQVksXNqwpbMIDoXfHShyJ8FtCZFXI3JicNj9uDx5
bJfb4xOLgcvbErGuVFPBadDTffOhsEDYqCOdmi9dJ/pv46jA3BECUXeMnQWhp26C
Jm9IP64srrdsdU9G5CWCZ1FVucB0sO6lrUNS7YTg7plImX6RvjNVqtUICHekayEv
qMgyf/H42xqm9J4SJNh0DlsElQ699BxdeQlJCEOeNVrV/I81s9Ts3dSYy7jk+yta
QcTthyygY3hdXQPhzEXNK2/cG42riQ08Ddpz2pSy/N32ABEfibKzSS2fR3VHmOHX
nhzChMDPfj1pm237KNdK
=GUJ8
-----END PGP SIGNATURE-----
Reply to: