Lucene search

DebianDEBIAN:DSA-4579-1:BA112

HistoryDec 06, 2019 - 9:54 p.m.

[SECURITY] [DSA 4579-1] nss security update

2019-12-0621:54:22

lists.debian.org

159

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.0%

JSON

Debian Security Advisory DSA-4579-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
December 06, 2019 https://www.debian.org/security/faq

Package : nss
CVE ID : CVE-2019-11745 CVE-2019-17007

Two vulnerabilities were discovered in NSS, a set of cryptographic
libraries, which may result in denial of service and potentially the
execution of arbitrary code.

For the stable distribution (buster), these problems have been fixed in
version 2:3.42.1-1+deb10u2.

We recommend that you upgrade your nss packages.

For the detailed security status of nss please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nss

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian10s390xlibnss3-dbgsym< 2:3.42.1-1+deb10u2libnss3-dbgsym_2:3.42.1-1+deb10u2_s390x.deb
Debian10mipsellibnss3-dev< 2:3.42.1-1+deb10u2libnss3-dev_2:3.42.1-1+deb10u2_mipsel.deb
Debian10s390xlibnss3-tools-dbgsym< 2:3.42.1-1+deb10u2libnss3-tools-dbgsym_2:3.42.1-1+deb10u2_s390x.deb
Debian9arm64libnss3-dev< 2:3.26.2-1.1+deb9u2libnss3-dev_2:3.26.2-1.1+deb9u2_arm64.deb
Debian8armellibnss3-dbg< 2:3.26-1+debu8u8libnss3-dbg_2:3.26-1+debu8u8_armel.deb
Debian10mipsellibnss3-tools< 2:3.42.1-1+deb10u2libnss3-tools_2:3.42.1-1+deb10u2_mipsel.deb
Debian9armhflibnss3< 2:3.26.2-1.1+deb9u2libnss3_2:3.26.2-1.1+deb9u2_armhf.deb
Debian10armhflibnss3-dbgsym< 2:3.42.1-1+deb10u2libnss3-dbgsym_2:3.42.1-1+deb10u2_armhf.deb
Debian9amd64libnss3-tools< 2:3.26.2-1.1+deb9u2libnss3-tools_2:3.26.2-1.1+deb9u2_amd64.deb
Debian9arm64libnss3< 2:3.26.2-1.1+deb9u2libnss3_2:3.26.2-1.1+deb9u2_arm64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	s390x	libnss3-dbgsym	< 2:3.42.1-1+deb10u2	libnss3-dbgsym_2:3.42.1-1+deb10u2_s390x.deb
Debian	10	mipsel	libnss3-dev	< 2:3.42.1-1+deb10u2	libnss3-dev_2:3.42.1-1+deb10u2_mipsel.deb
Debian	10	s390x	libnss3-tools-dbgsym	< 2:3.42.1-1+deb10u2	libnss3-tools-dbgsym_2:3.42.1-1+deb10u2_s390x.deb
Debian	9	arm64	libnss3-dev	< 2:3.26.2-1.1+deb9u2	libnss3-dev_2:3.26.2-1.1+deb9u2_arm64.deb
Debian	8	armel	libnss3-dbg	< 2:3.26-1+debu8u8	libnss3-dbg_2:3.26-1+debu8u8_armel.deb
Debian	10	mipsel	libnss3-tools	< 2:3.42.1-1+deb10u2	libnss3-tools_2:3.42.1-1+deb10u2_mipsel.deb
Debian	9	armhf	libnss3	< 2:3.26.2-1.1+deb9u2	libnss3_2:3.26.2-1.1+deb9u2_armhf.deb
Debian	10	armhf	libnss3-dbgsym	< 2:3.42.1-1+deb10u2	libnss3-dbgsym_2:3.42.1-1+deb10u2_armhf.deb
Debian	9	amd64	libnss3-tools	< 2:3.26.2-1.1+deb9u2	libnss3-tools_2:3.26.2-1.1+deb9u2_amd64.deb
Debian	9	arm64	libnss3	< 2:3.26.2-1.1+deb9u2	libnss3_2:3.26.2-1.1+deb9u2_arm64.deb