USN-4476-1

Source

https://ubuntu.com/security/notices/USN-4476-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4476-1.json

Related

CVE-2020-12403

Published

2020-08-27T15:45:39.071132Z

Modified

2020-08-27T15:45:39.071132Z

Details

It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information.

References

Affected packages

Ubuntu:18.04:LTS / nss

Package

Name: nss

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2:3.35-2ubuntu2.12

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libnss3-tools": "2:3.35-2ubuntu2.12",
            "libnss3": "2:3.35-2ubuntu2.12",
            "libnss3-dev": "2:3.35-2ubuntu2.12"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / nss

Package

Name: nss

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2:3.28.4-0ubuntu0.14.04.5+esm8

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "libnss3-1d": "2:3.28.4-0ubuntu0.14.04.5+esm8",
            "libnss3-tools": "2:3.28.4-0ubuntu0.14.04.5+esm8",
            "libnss3": "2:3.28.4-0ubuntu0.14.04.5+esm8",
            "libnss3-dev": "2:3.28.4-0ubuntu0.14.04.5+esm8",
            "libnss3-nssdb": "2:3.28.4-0ubuntu0.14.04.5+esm8"
        }
    ]
}

Ubuntu:20.04:LTS / nss

Package

Name: nss

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2:3.49.1-1ubuntu1.5

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libnss3-tools": "2:3.49.1-1ubuntu1.5",
            "libnss3": "2:3.49.1-1ubuntu1.5",
            "libnss3-dev": "2:3.49.1-1ubuntu1.5"
        }
    ]
}

Ubuntu:16.04:LTS / nss

Package

Name: nss

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2:3.28.4-0ubuntu0.16.04.14

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libnss3-1d": "2:3.28.4-0ubuntu0.16.04.14",
            "libnss3-tools": "2:3.28.4-0ubuntu0.16.04.14",
            "libnss3": "2:3.28.4-0ubuntu0.16.04.14",
            "libnss3-dev": "2:3.28.4-0ubuntu0.16.04.14",
            "libnss3-nssdb": "2:3.28.4-0ubuntu0.16.04.14"
        }
    ]
}