[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 89-1] nss security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : nss
Version        : 3.12.8-1+squeeze10
CVE ID         : CVE-2014-1544

In nss, a set of libraries designed to support cross-platform development of security-enabled client and server applications, Tyson Smith and Jesse Schwartzentruber discovered a use-after-free vulnerability that allows remote attackers to execute arbitrary code by triggering the improper removal of an NSSCertificate structure from a trust domain.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJUcL47XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHFCgP/iFuu//lrsSJksYX+8E4r1wZ
yXMIdBUBGC2TApjt+jM3PDR+WkXftoeyQA7kvWtCoXMC95dGENnVZymugVeCoXw4
MlNohKS3rj2/V8GsSrVfEleF4LJVVzjc7FC00ih1BlDxwa97CoIqt0l9K4d7WoMB
CMo9s5yrgBkV4MGtcxhMU7fd9++4A+3p+6Jab6fwaPv8pGmXJI1nbyo/dVf/+U3J
JsZLgH5iATAeQyHihhSCZUdvCqYsR3w+2a+tfLnsVy47aO+DSr47mtGq2BvDeBvS
pot3X8o3XlswwJcOzwg/sMaDPycCokKhHRAYYXy501xHHEDgJm/KfILO+U32Tg2E
o+2Ssayw8By24uwLgPvkQWWsQVksXNqwpbMIDoXfHShyJ8FtCZFXI3JicNj9uDx5
bJfb4xOLgcvbErGuVFPBadDTffOhsEDYqCOdmi9dJ/pv46jA3BECUXeMnQWhp26C
Jm9IP64srrdsdU9G5CWCZ1FVucB0sO6lrUNS7YTg7plImX6RvjNVqtUICHekayEv
qMgyf/H42xqm9J4SJNh0DlsElQ699BxdeQlJCEOeNVrV/I81s9Ts3dSYy7jk+yta
QcTthyygY3hdXQPhzEXNK2/cG42riQ08Ddpz2pSy/N32ABEfibKzSS2fR3VHmOHX
nhzChMDPfj1pm237KNdK
=GUJ8
-----END PGP SIGNATURE-----


Reply to: