Information on source package nss

Available versions

ReleaseVersion
wheezy, wheezy2:3.14.5-1
jessie, sid2:3.16-1
squeeze, squeeze3.12.8-1+squeeze7

Open issues

BugwheezyjessiesidsqueezeDescription
CVE-2013-0169fixedfixedfixedvulnerableThe TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as ...
CVE-2013-1620fixedfixedfixedvulnerableThe TLS implementation in Mozilla Network Security Services (NSS) does ...
CVE-2013-1740vulnerablefixedfixedvulnerableThe ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla ...
CVE-2013-1741vulnerablefixedfixedvulnerableInteger overflow in Mozilla Network Security Services (NSS) 3.15 ...
CVE-2013-5606vulnerablefixedfixedvulnerableThe CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla ...
CVE-2014-1490vulnerablefixedfixedvulnerableRace condition in libssl in Mozilla Network Security Services (NSS) ...
CVE-2014-1491vulnerablefixedfixedvulnerableMozilla Network Security Services (NSS) before 3.15.4, as used in ...
CVE-2014-1492vulnerablefixedfixedvulnerableThe cert_TestHostName function in lib/certdb/certdb.c in the ...

Open unimportant issues

BugwheezyjessiesidsqueezeDescription
CVE-2013-0791fixedfixedfixedvulnerableThe CERT_DecodeCertPackage function in Mozilla Network Security ...

Resolved issues

BugDescription
CVE-2009-2404Heap-based buffer overflow in a regular-expression parser in Mozilla ...
CVE-2009-2408Mozilla Network Security Services (NSS) before 3.12.3, Firefox before ...
CVE-2009-2409The Network Security Services (NSS) library before 3.12.3, as used in ...
CVE-2009-3555The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ...
CVE-2010-3170Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird ...
CVE-2010-3173The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x ...
CVE-2011-3640** DISPUTED ** Untrusted search path vulnerability in Mozilla Network ...
CVE-2012-0441The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security ...
CVE-2013-1739Mozilla Network Security Services (NSS) before 3.15.2 does not ensure ...
CVE-2013-5605Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 ...

Security announcements

DSADescription
DSA-2800-1nss - buffer overflow
DSA-2800-1nss - buffer overflow
DSA-2790-1nss - uninitialized memory read
DSA-2599-1nss - mis-issued intermediates
DSA-2490-1nss - denial of service
DSA-2339-1nss - several
DSA-2339-1nss - several
DSA-2300-2nss - compromised certificate authority
DSA-2300-2nss - compromised certificate authority
DSA-2300-1nss - compromised certificate authority
DSA-2300-1nss - compromised certificate authority
DSA-2141-2nss - protocol design flaw
DSA-2123-1nss - cryptographic weaknesses
DSA-1874-1nss - several vulnerabilities

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)