Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. (CVE-2015-2721)
Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A remote attacker could possibly use this issue to spoof ECDSA signatures. (CVE-2015-2730)
As a security improvement, this update modifies NSS behaviour to reject DH key sizes below 768 bits, preventing a possible downgrade attack.
This update also refreshes the NSS package to version 3.19.2 which includes the latest CA certificate bundle.
{ "availability": "No subscription required", "binaries": [ { "libnss3-nssdb": "2:3.19.2-0ubuntu0.14.04.1", "libnss3-1d": "2:3.19.2-0ubuntu0.14.04.1", "libnss3-dbgsym": "2:3.19.2-0ubuntu0.14.04.1", "libnss3": "2:3.19.2-0ubuntu0.14.04.1", "libnss3-dev": "2:3.19.2-0ubuntu0.14.04.1", "libnss3-dbg": "2:3.19.2-0ubuntu0.14.04.1", "libnss3-tools": "2:3.19.2-0ubuntu0.14.04.1", "libnss3-tools-dbgsym": "2:3.19.2-0ubuntu0.14.04.1" } ] }