[3.1] nss: security issues (CVE-2016-1950, CVE-2016-1979)
CVE-2016-1950: Heap buffer overflow vulnerability in ASN1 certificate parsing
Heap-based buffer overflow in Mozilla Network Security Services (NSS)
before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in
Mozilla
Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote
attackers to execute arbitrary code via crafted ASN.1 data in an X.509
certificate.
Fixed in:
nss 3.19.2.3, 3.21.1
References:
https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
Patch:
https://bugzilla.redhat.com/attachment.cgi?id=1129399 (from https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2016-1950)
CVE-2016-1979: use-after-poison in PK11_ImportDERPrivateKeyInfoAndReturnKey()
Use-after-free vulnerability in the
PK11_ImportDERPrivateKeyInfoAndReturnKey function in Mozilla
Network Security Services (NSS) before 3.21.1, as used in Mozilla
Firefox before 45.0, allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via crafted key data with DER encoding.
Fixed in:
nss 3.21.1
References:
https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
(from redmine: issue id 5324, created on 2016-03-23, closed on 2016-04-12)
- Relations:
- parent #5321 (closed)
- Changesets:
- Revision b72b361c on 2016-04-11T08:34:13Z:
main/nss: security upgrade to 3.19.2.3 (CVE-2016-1950, CVE-2016-1979). Fixes #5324