[SECURITY] [DSA 6290-1] nss security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6290-1] nss security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 21 May 2026 20:39:11 +0000
Message-id: <[🔎] ag9tb74HMfhQWkDH@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6290-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 21, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nss
CVE ID         : CVE-2026-6766 CVE-2026-6767 CVE-2026-6772

Several vulnerabilities were discovered in NSS, a set of cryptographic
libraries, which may result in or denial of service or potentially the
execution of arbitrary code.

For the stable distribution (trixie), these problems have been fixed in
version 2:3.110-1+deb13u2.

We recommend that you upgrade your nss packages.

For the detailed security status of nss please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nss

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmoPbO0ACgkQEMKTtsN8
TjYEVhAAm78ETFzhkqAS43GTmVJt6GE5ygsDXYNH7kfPYJER3P3yaBnsq8MuH0GQ
EOqcWWNr+QIVhzJ0DvY+Ho4Fh1xNaY1utpinhVVdKmkLV/v2wvsY/nQZ6lfOvXcK
uVKdaLdqpVVjWXXx5FALG8c9ZokvceKXoLuw/c+jdIW6pYS0vNkEP/FlWwatvY0R
Ld/zrmR2jNYfw7MAm2/jUIYAc5klxSmTaE3vEXEhKRiVC5ozp8dm2C/R+tS3qm3P
l2/jXPluaXhMVqGJtHk8Ow+QF4B95TDnEf6NPo8uf2daj/2Z9A5Zdq8a1B4zTr62
WVCWzMqk9pZl9ThdIvryfTkWymXYn8oWLZNDtKyQg7igcFptC/O2vSYscM12T1iJ
mD+InkJX4wnk4AdEQDr4RfjGubMY7twWjX3n98UEJ3WP65hysdcc98hzN9JX/T4T
IeY5+JX9+Vq5XG39y19PdZjawDmhPF4Lpegnwnjb8mIqc4/4Z+EclSPflJulVHP9
hY3akHwXtPPylPaPz4NAV/ucATSAhz6bwiSVpYH/mC2lYKi3G4+Vo58xEVtyTX2B
9UE5WaD+XDO3GwEnB/k96aCfjfYnP6/GKnY7xl5yYlESI1HD0N6Unq9cZxndGhww
PkkXhPFJTXOFMtEHIPvBmqbZDT/ykxiKSpX6V1Ik7CAran/U6Dc=
=x+l6
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6289-1] openvpn security update
Next by Date: [SECURITY] [DSA 6291-1] haproxy security update
Previous by thread: [SECURITY] [DSA 6289-1] openvpn security update
Next by thread: [SECURITY] [DSA 6291-1] haproxy security update
Index(es):
- Date
- Thread