You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke nss

Sigurnosni nedostatak programske biblioteke nss

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4417-1
July 06, 2020

nss vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS
– Ubuntu 19.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

NSS could be made to expose sensitive information.

Software Description:
– nss: Network Security Service library

Details:

Cesar Pereida, Billy Bob Brumley, Yuval Yarom, and Nicola Tuveri discovered
that NSS incorrectly handled RSA key generation. A local attacker could
possibly use this issue to perform a timing attack and recover RSA keys.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
libnss3 2:3.49.1-1ubuntu1.2

Ubuntu 19.10:
libnss3 2:3.45-1ubuntu2.4

Ubuntu 18.04 LTS:
libnss3 2:3.35-2ubuntu2.9

Ubuntu 16.04 LTS:
libnss3 2:3.28.4-0ubuntu0.16.04.12

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/4417-1
CVE-2020-12402

Package Information:
https://launchpad.net/ubuntu/+source/nss/2:3.49.1-1ubuntu1.2
https://launchpad.net/ubuntu/+source/nss/2:3.45-1ubuntu2.4
https://launchpad.net/ubuntu/+source/nss/2:3.35-2ubuntu2.9
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.12

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl8Dfh0ACgkQZWnYVadE
vpNp6Q/9Fw2iXWKpORipe1jezH7/xGNmyJwdjQglGiK2XFHX8WFnSNIec8ARkl7o
i/3m7aQ67nG1/jSyMNq1M1g8GwxXk94aWa99+JZbandB50ihuLNVDXUAot7ub3qB
Sgn2rp+wixRd2S9kVsUXMOsYPyKh+yHcGr8tB3KVK2YoGAG1oe+WIShyHDoFVMzO
fndmhw1H9Nm6K/mtwvGo6sXayUf4NnMhpTkzyrXJQHDhVC6Jv877GUrQ7xNh6IYw
GUxAmI3a8EjCI880eaYc2Yox6IzaHrKKOejhVQbzGQr9MtYE57uToO3Wku1YPa3B
4x1xpGNTVlhswf36JwrQix78xRbj3gjM9mhvwWUUlXCfiozdfqywpdrFYi0zfk+B
hDyS90fJtd9rKNpXpUy6+5N/xhrr5wHkZS1SUqs6S9/f/dRUwNSmr5AnB+woSHZD
QHZEZM/JiCc62pwFStYJ934e622I9mnAwy7yVwdvh36gtw2sY1EJ0Dh0Ye76WDd0
4gBZxrNVmXFqJ6U4rxaLPnU+2J7Vgc71ssOLk30QjEqDEy4FJOOFaZvfuMZvqXYi
A2LYhtCUqJO5orgl1qNLnvH61K7J7vc3gJTNQdtPz0OMwkCgU5BuFnOJKQAYbD2g
ViJEZMOoD0FcmBNRtVHNQlIXjB82fA6oHY4lLkd0UGiGDPXx6g0=
=viN+
—–END PGP SIGNATURE—–

AutorFilip Omazic
Cert idNCERT-REF-2020-07-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke Nss

Otkriven je sigurnosni nedostatak u programskoj biblioteci Nss za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnom napadaču omogućuje pristup osjetljivim informacijama....

Close