Accepted nss 2:3.14.5-1+deb7u6 (source amd64) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted nss 2:3.14.5-1+deb7u6 (source amd64) into oldstable
From: dak@security.debian.org
Date: Wed, 18 May 2016 17:50:13 +0000
Message-id: <[🔎] E1b35bp-0000In-PG@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 29 Mar 2016 11:57:06 -0400
Source: nss
Binary: libnss3 libnss3-1d libnss3-tools libnss3-dev libnss3-dbg
Architecture: source amd64
Version: 2:3.14.5-1+deb7u6
Distribution: wheezy-security
Urgency: high
Maintainer: Maintainers of Mozilla-related packages <pkg-mozilla-maintainers@lists.alioth.debian.org>
Changed-By: Antoine Beaupré <anarcat@debian.org>
Description: 
 libnss3    - Network Security Service libraries
 libnss3-1d - Network Security Service libraries - transitional package
 libnss3-dbg - Debugging symbols for the Network Security Service libraries
 libnss3-dev - Development files for the Network Security Service libraries
 libnss3-tools - Network Security Service tools
Changes: 
 nss (2:3.14.5-1+deb7u6) wheezy-security; urgency=high
 .
   [ Guido Günther ]
   * Non-maintainer upload by the Security Team.
   * Add CVE-2015-7182.patch:
     CVE-2015-7182: Heap-based buffer overflow in the ASN.1 decoder
   * Add CVE-2015-7181.patch:
     CVE-2015-7181: The sec_asn1d_parse_leaf function improperly restricts
     access to an unspecified data structure
   * Add autopkgtest for certificate generation/signing and library linking
 .
   [ Antoine Beaupré ]
   * Add CVE-2016-1938.patch, ported from squeeze:
     CVE-2016-1938: The s_mp_div function in lib/freebl/mpi/mpi.c in
     improperly divides numbers, which might make it easier for remote
     attackers to defeat cryptographic protection mechanisms
   * Add CVE-2016-1950.patch:
     CVE-2016-1950: Heap-based buffer overflow allows remote attackers to
     execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
   * Add CVE-2016-1978.patch:
     CVE-2016-1978: Use-after-free vulnerability in the
     ssl3_HandleECDHServerKeyExchange function allows remote attackers to
     cause a denial of service or possibly have unspecified other impact by
     making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory
     consumption.
   * Add CVE-2016-1979.patch:
     CVE-2016-1979: Use-after-free vulnerability in the
     PK11_ImportDERPrivateKeyInfoAndReturnKey function allows remote
     attackers to cause a denial of service or possibly have unspecified
     other impact via crafted key data with DER encoding.
Checksums-Sha1: 
 5d347cbf27e8930a8170847322773a530b43215f 2193 nss_3.14.5-1+deb7u6.dsc
 32f0cd18f7fd98b9ef389d99ea61162af69040cf 62677 nss_3.14.5-1+deb7u6.debian.tar.gz
 1fd3ad5db5fa8259027c9c509a0e91ee214373ab 1063410 libnss3_3.14.5-1+deb7u6_amd64.deb
 914fe4cc7dc83468248ae8cc875d18a5c05b7eb6 21180 libnss3-1d_3.14.5-1+deb7u6_amd64.deb
 e654f444f6ecad06981cea801c17907a4a069708 230206 libnss3-tools_3.14.5-1+deb7u6_amd64.deb
 97d8772096c5d23da809c8bd91d38420add3dc94 221290 libnss3-dev_3.14.5-1+deb7u6_amd64.deb
 b13fd374fbd3279ffc81bbd2bbeae32955b8ae93 4840786 libnss3-dbg_3.14.5-1+deb7u6_amd64.deb
Checksums-Sha256: 
 6ed390bd29096fdb0b8900533531efccc5e75474f6483eee26685c8c26090758 2193 nss_3.14.5-1+deb7u6.dsc
 efc35969625f1324f0f8f347ec3a17d03fc49c6e517718067eed99239e780d9c 62677 nss_3.14.5-1+deb7u6.debian.tar.gz
 ea9a20a387f49d55efabfdcdfa828c1599077db632d19a19bf8b707a418dc3f0 1063410 libnss3_3.14.5-1+deb7u6_amd64.deb
 acfdd55e001b062bfefff2d6c58e4eb7bcfdde92f2c10b0ed1e00a7c7c5bed71 21180 libnss3-1d_3.14.5-1+deb7u6_amd64.deb
 ee1578e875c49c844e03ccc5727af4a35c1567dabeca66ebf3aae3b768cd99a5 230206 libnss3-tools_3.14.5-1+deb7u6_amd64.deb
 aca59a47566e758932e930cf968f270489d230430b82d562a9eacad24ceec85c 221290 libnss3-dev_3.14.5-1+deb7u6_amd64.deb
 737c9761b4fe0ece385ec9ebbdd78c5deaf917ff19db5d6d03857532e9f2227a 4840786 libnss3-dbg_3.14.5-1+deb7u6_amd64.deb
Files: 
 7ae773ac7051429c2998717adaa4e395 2193 libs optional nss_3.14.5-1+deb7u6.dsc
 f7c0ee6926272cd48d9778e55a0c7cd0 62677 libs optional nss_3.14.5-1+deb7u6.debian.tar.gz
 42fec03dc77b4305136305d6788dfc90 1063410 libs optional libnss3_3.14.5-1+deb7u6_amd64.deb
 21509894c0164e42119d1ea2f184c4a0 21180 oldlibs extra libnss3-1d_3.14.5-1+deb7u6_amd64.deb
 56f5f2be4f5ede974d00414614e80a27 230206 admin optional libnss3-tools_3.14.5-1+deb7u6_amd64.deb
 19361c721dc7a0ceec285845b523ba78 221290 libdevel optional libnss3-dev_3.14.5-1+deb7u6_amd64.deb
 e3ed934e46bdb3b5318652e3d195e331 4840786 debug extra libnss3-dbg_3.14.5-1+deb7u6_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXBs4SAAoJEHkhUlJ7dZIelU4P/1YI7A43qBTD2wWmgsuF6+Tv
VEK9X8WK1mhqiNO873Wj3Ti3WmMk5XygnybYbw+vFwVrUeEO4aELQ7NzP7l+kt6y
BxOCWkJPrB0h3Y1Myp/m3oCIYM5TbEoGmZswNeZgSHN0+026af/7ad/eDtb4ILeL
Y50Ye5u8oHAq6cfMQqHHIXtyffvwgbyFwkjUtRB7rqVJAbojRhn0wgDaeOm9l4MO
EGNrJy+N81ROb0De7iLXTNUbwplHNTM9UqFGJ3dSyDimzBIFYdQ5hsidMpum0mYU
DUN9a3g89alg/yA/NZsA3OE19hpI9UPUK1hv13sZUokdDwjUCtw/rr5fCfxWcLi9
RBmbWOLLZsheHVn3s1EB4kIKzr/vVx38keT3iWDbu3cULD5nPPpgZxHelrKisq8h
y4kLE0XKsKQ+pHG+K//81bf6ug23hQDEYV877einihKbMGuOlPCnLvcDSF1IDnx1
8jf3S1kBt4vbdo//sg1cc3JhXOPZYFH6X4vqF1WP5b1/B+rNOGXthVFistO11HV6
ImshKNKIxKUtu14nVxcANMsLFibnpQvfwj0MhBbK2puhp+KoSDtbQjt+XYzP7bQ0
TbVJzY0tL3O9PY6bYWkr6TzV/0LZgUspSRBVZYSVY96emsNv3V+1d8CSX+CBer/B
gVeDjhOk5pzvrNboH619
=mNV0
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted xen 4.1.6.1-1+deb7u1 (source all i386) into oldstable
Next by Date: Accepted phpmyadmin 4:3.4.11.1-2+deb7u3 (source all) into oldstable
Previous by thread: Accepted xen 4.1.6.1-1+deb7u1 (source all i386) into oldstable
Next by thread: Accepted phpmyadmin 4:3.4.11.1-2+deb7u3 (source all) into oldstable
Index(es):
- Date
- Thread