Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property. (CVE-2015-2721)
Watson Ladd discovered that NSS incorrectly handled Elliptical Curve Cryptography (ECC) multiplication. A remote attacker could possibly use this issue to spoof ECDSA signatures. (CVE-2015-2730)
As a security improvement, this update modifies NSS behaviour to reject DH key sizes below 768 bits, preventing a possible downgrade attack.
This update also refreshes the NSS package to version 3.19.2 which includes the latest CA certificate bundle.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3" }, { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3-1d" }, { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3-dbg" }, { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3-dbgsym" }, { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3-dev" }, { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3-nssdb" }, { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3-tools" }, { "binary_version": "2:3.19.2-0ubuntu0.14.04.1", "binary_name": "libnss3-tools-dbgsym" } ] }