[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 427-1] nss security update

Package        : nss
Version        : 3.12.8-1+squeeze14
CVE ID         : CVE-2016-1938

The s_mp_div function in Mozilla Network Security Services (NSS) before
3.21, improperly divides numbers, which might make it easier for remote
attackers to defeat cryptographic protection mechanisms by leveraging
use of the (1) mp_div or (2) mp_exptmod function.

For the oldoldstable distribution (squeeze), these problem has been fixed
in version 3.12.8-1+squeeze14.

We recommend that you upgrade your nss packages.

Attachment: signature.asc
Description: PGP signature

Reply to: