[SECURITY] [DLA 2266-1] nss security update

[Adrian Bunk <bunk@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : nss
Version        : 2:3.26-1+debu8u11
CVE ID         : CVE-2020-12399 CVE-2020-12402

Several vulnerabilities were fixed in nss,
the Network Security Service libraries.

CVE-2020-12399

    Force a fixed length for DSA exponentiation.

CVE-2020-12402

    Side channel vulnerabilities during RSA key generation.

For Debian 8 "Jessie", these problems have been fixed in version
2:3.26-1+debu8u11.

We recommend that you upgrade your nss packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl77kNMACgkQiNJCh6LY
mLEnPg//Rguhvk7zU3wLjjrii/LYLzZL++pajyeU+IZfwUx7dXk+07tqjmjyQ25K
kS9HTBqK560eFCYCT3HMbzjnUjVDAcVf8DxFbFVzCsqK0V+bwug39w72TQ2RjMHs
Ii+Uy0wR3f8IWFqGv4sCZWlNIx/FfYq6VmhV9zdHsUFCMW52CvPXZIBlvD99OGBO
eHshXb0mvEIJJPr/Bt3W8ei0SxqDUHdZx1tzTpgRPiV1IuXlZ/rUGUSwgek/CmAY
9fWyP2W01D472TU7ZEaEZf+vxy7TnXGpNhB8psFNDbTrjK5/sqKiEWkOhMFLsRl3
W/Dv1DbCeCYvuBy2IU14JpkCL+OtXympA9+TO0zR1Wks47pJHJj+4azYOAdMW7l/
5Sc0pmOoXzXjzmfmHupd5ZMGuq0YbN4jDpMcQQ0RCFEb6edALGkJh2KEIxfj55d4
6wPnIVp4cmCGq8II4ZmIb7pavqdLdHAk01Ohnr4YqeirbzlUV8HEB4tuErMelrmi
1Sa1mFSGNteett1FbuOrwyYdollD/XVzouQYvtMJF6Lrd0vjCHZE2pwv0bFsWf+b
YFK+8vgggbEt1wdLP66NW6xxkmd9WBo69cupdQdrbX+n9KH8MDDxHOdUlR1CPb7J
jJAEjYz1V5T7SERlzRSnduY/tsHTXDBYqST1EI0QYIqlVQ8Go3I=
=7T9U
-----END PGP SIGNATURE-----