Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code. For the oldstable distribution (squeeze), this problem has been fixed in version 3.12.8-1+squeeze7. For the stable distribution (wheezy), this problem has been fixed in version 2:3.14.5-1. For the testing distribution (jessie), this problem has been fixed in version 2:3.15.3-1. For the unstable distribution (sid), this problem has been fixed in version 2:3.15.3-1. We recommend that you upgrade your nss packages.
Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code.
For the oldstable distribution (squeeze), this problem has been fixed in version 3.12.8-1+squeeze7.
For the stable distribution (wheezy), this problem has been fixed in version 2:3.14.5-1.
For the testing distribution (jessie), this problem has been fixed in version 2:3.15.3-1.
For the unstable distribution (sid), this problem has been fixed in version 2:3.15.3-1.
We recommend that you upgrade your nss packages.