1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • NSS vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, November 27, 2019 16:10:03
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    NSS could be made to crash or run programs if it received
    specially crafted input.

    Software Description

    * nss - Network Security Service library

    Details

    USN-4203-1 fixed a vulnerability in NSS. This update provides the
    corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

    Original advisory details:

    It was discovered that NSS incorrectly handled certain memory
    operations. A remote attacker could use this issue to cause NSS to
    crash, resulting in a denial of service, or possibly execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.14.04.5+esm2

    Ubuntu 12.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.12.04.5

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart any
    applications that use NSS, such as Evolution, to make all the
    necessary changes.

    References

    * USN-4203-1
    * CVE-2019-11745

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, November 27, 2019 16:10:03
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 19.04
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    NSS could be made to crash or run programs if it received
    specially crafted input.

    Software Description

    * nss - Network Security Service library

    Details

    It was discovered that NSS incorrectly handled certain memory
    operations. A remote attacker could use this issue to cause NSS to
    crash, resulting in a denial of service, or possibly execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    libnss3 - 2:3.45-1ubuntu2.1

    Ubuntu 19.04
    libnss3 - 2:3.42-1ubuntu2.3

    Ubuntu 18.04 LTS
    libnss3 - 2:3.35-2ubuntu2.5

    Ubuntu 16.04 LTS
    libnss3 - 2:3.28.4-0ubuntu0.16.04.8

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart any
    applications that use NSS, such as Evolution, to make all the
    necessary changes.

    References

    * CVE-2019-11745

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, December 09, 2019 12:10:09
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.04
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    NSS could be made to crash if it received a specially crafted
    certificate.

    Software Description

    * nss - Network Security Service library

    Details

    It was discovered that NSS incorrectly handled certain
    certificates. An attacker could possibly use this issue to cause a
    denial of service.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.04
    libnss3 - 2:3.42-1ubuntu2.4

    Ubuntu 18.04 LTS
    libnss3 - 2:3.35-2ubuntu2.6

    Ubuntu 16.04 LTS
    libnss3 - 2:3.28.4-0ubuntu0.16.04.9

    Ubuntu 14.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.14.04.5+esm3

    Ubuntu 12.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.12.04.6

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * CVE-2019-17007

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, January 08, 2020 16:10:01
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 19.04
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    NSS could be made to execute arbitrary code if it received a
    specially crafted input.

    Software Description

    * nss - Network Security Service library

    Details

    It was discovered that NSS incorrectly handled certain inputs. An
    attacker could possibly use this issue to execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    libnss3 - 2:3.45-1ubuntu2.2

    Ubuntu 19.04
    libnss3 - 2:3.42-1ubuntu2.5

    Ubuntu 18.04 LTS
    libnss3 - 2:3.35-2ubuntu2.7

    Ubuntu 16.04 LTS
    libnss3 - 2:3.28.4-0ubuntu0.16.04.10

    Ubuntu 14.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.14.04.5+esm4

    Ubuntu 12.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.12.04.7

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * CVE-2019-17006

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, June 17, 2020 12:10:02
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    NSS could be made to expose sensitive information over the
    network.

    Software Description

    * nss - Network Security Service library

    Details

    USN-4397-1 fixed a vulnerability in NSS. This update provides the
    corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

    Original advisory details:

    Cesar Pereida Garcia discovered that NSS incorrectly handled DSA
    key generation. A local attacker could possibly use this issue to
    perform a timing attack and recover DSA keys. (CVE-2020-12399)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.14.04.5+esm5

    Ubuntu 12.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.12.04.8

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * USN-4397-1
    * CVE-2020-12399

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, July 06, 2020 16:10:09
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    NSS could be made to expose sensitive information.

    Software Description

    * nss - Network Security Service library

    Details

    Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri
    discovered that NSS incorrectly handled RSA key generation. A
    local attacker could possibly use this issue to perform a timing
    attack and recover RSA keys.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libnss3 - 2:3.49.1-1ubuntu1.2

    Ubuntu 19.10
    libnss3 - 2:3.45-1ubuntu2.4

    Ubuntu 18.04 LTS
    libnss3 - 2:3.35-2ubuntu2.9

    Ubuntu 16.04 LTS
    libnss3 - 2:3.28.4-0ubuntu0.16.04.12

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * CVE-2020-12402

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, July 06, 2020 20:10:01
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    NSS could be made to expose sensitive information.

    Software Description

    * nss - Network Security Service library

    Details

    USN-4417-1 fixed a vulnerability in NSS. This update provides the
    corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

    Original advisory details:

    Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri
    discovered that NSS incorrectly handled RSA key generation. A
    local attacker could possibly use this issue to perform a timing
    attack and recover RSA keys.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.14.04.5+esm6

    Ubuntu 12.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.12.04.9

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * USN-4417-1
    * CVE-2020-12402

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, August 27, 2020 16:10:07
    nss vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    NSS could be made to expose sensitive information if it received a
    specially crafted input.

    Software Description

    * nss - Network Security Service library

    Details

    It was discovered that NSS incorrectly handled some inputs. An
    attacker could possibly use this issue to expose sensitive
    information.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libnss3 - 2:3.49.1-1ubuntu1.5

    Ubuntu 18.04 LTS
    libnss3 - 2:3.35-2ubuntu2.12

    Ubuntu 16.04 LTS
    libnss3 - 2:3.28.4-0ubuntu0.16.04.14

    Ubuntu 14.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.14.04.5+esm8

    Ubuntu 12.04 ESM
    libnss3 - 2:3.28.4-0ubuntu0.12.04.11

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    References

    * CVE-2020-12403

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)