USN-927-2: NSS regression  

Posted by Daniela Mehler

"Ubuntu Security Notice USN-927-2 April 11, 2010
nss regression
https://launchpad.net/bugs/559881
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
libnss3-1d 3.12.6-0ubuntu0.9.10.2

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

USN-927-1 fixed vulnerabilities in NSS. Upstream NSS 3.12.6 added an
additional checksum verification on libnssdbm3.so, but the Ubuntu packaging
did not create this checksum. As a result, Firefox could not initialize the
security component when the NSS Internal FIPS PKCS #11 Module was enabled.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
protocols. If an attacker could perform a man in the middle attack at the
start of a TLS connection, the attacker could inject arbitrary content at
the beginning of the user's session. This update adds support for the new
new renegotiation extension and will use it when the server supports it.


Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.10.2.diff.gz
Size/MD5: 36659 1c82d002115ed4a76dc98d33ef5c839c
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.10.2.dsc
Size/MD5: 1651 41544d2843858123ad5852de1587744c
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6.orig.tar.gz
Size/MD5: 5947630 da42596665f226de5eb3ecfc1ec57cd1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_amd64.deb
Size/MD5: 3235700 8227d9d710a9784750fc541f82d85101
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_amd64.deb
Size/MD5: 1234558 f8db18eb4fec7df4387e5e546ea99871
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_amd64.deb
Size/MD5: 263208 692167e64c00a9990af72a28299b4fbb
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_amd64.deb
Size/MD5: 17854 f9fa214108ab20d8fe4d61567a86d7c0
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_amd64.deb
Size/MD5: 313212 4ae57dcb06572bcdc1e311977a965c55

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_i386.deb
Size/MD5: 3178422 4a141b3f01631497184c0bb260a212f3
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_i386.deb
Size/MD5: 1119994 8e4bfbd067aa051603306ce57949ce51
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_i386.deb
Size/MD5: 260530 c61feb6f65d7419f93f355a5f0755917
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_i386.deb
Size/MD5: 17856 05ac21be0089e816c076f8707d41d21b
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_i386.deb
Size/MD5: 299834 26d317dc29710b27dd0d0b7a36b6c2a1

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_lpia.deb
Size/MD5: 3216556 9230b137f92129c304dddfc5c67853fe
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_lpia.deb
Size/MD5: 1095892 9566ecb3416bd99ba0e6288505626fe9
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_lpia.deb
Size/MD5: 259484 0236cb25267ac3ca1b3bfd586d14d26d
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_lpia.deb
Size/MD5: 17858 ecb362aec61c87f1cfc4e86cd2dec5cb
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_lpia.deb
Size/MD5: 298510 2977f41a1b2fcf7ca25b331336f7dc8f

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_powerpc.deb
Size/MD5: 3325490 ac9caf32bab4d4b911d1c54112583b65
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_powerpc.deb
Size/MD5: 1207122 99b17d40842c1804ee23d19e4a7ffaa0
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_powerpc.deb
Size/MD5: 261820 f46b59e90bf4ff07ca79b5d404f372ed
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_powerpc.deb
Size/MD5: 17858 dca2efb9e1426ff39c55008eaf942926
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_powerpc.deb
Size/MD5: 311022 da3a483c19347cd667c11d8a989d15aa

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_sparc.deb
Size/MD5: 2967780 e3456024e64ee1d14b5b754a93840ac7
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_sparc.deb
Size/MD5: 1074620 202e630d20824b2d4e2614d11d86c2c4
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_sparc.deb
Size/MD5: 257422 fa69b29c59fe334d65d433ab11febbed
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_sparc.deb
Size/MD5: 17856 287ae523a22a8049d3d1c802d5760b83
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_sparc.deb
Size/MD5: 299970 ed1b8755bc1e9da16a08c82ebfecf0fd




--mxv5cy4qt+RJ9ypb
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkvCRksACgkQW0JvuRdL8BokTACfSMtcdq85QVQT8MUi/l4HoMG8
gV0AnRpK4Fk3wYRb8I0pv+AOrc5pP78c
=/I5r
-----END PGP SIGNATURE-----
"

Hawkwind and Hadouken! to play GuilFestUSN-922-1: libnss-db vulnerability

This entry was posted on 3:59 AM .