USN-4060-1 fixed several vulnerabilities in nss. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2019-11719)
Jonas Allmann discovered that NSS incorrectly handled certain p256-ECDH public keys. An attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. (CVE-2019-11729)
{ "availability": "No subscription required", "binaries": [ { "libnss3-1d": "2:3.28.4-0ubuntu0.14.04.5+esm1", "libnss3-tools": "2:3.28.4-0ubuntu0.14.04.5+esm1", "libnss3": "2:3.28.4-0ubuntu0.14.04.5+esm1", "libnss3-dev": "2:3.28.4-0ubuntu0.14.04.5+esm1", "libnss3-nssdb": "2:3.28.4-0ubuntu0.14.04.5+esm1" } ] }