USN-4397-2

Details

USN-4397-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. (CVE-2020-12399)

Affected Packages

Ubuntu:Pro:14.04:LTSnss

Fixed in:

2:3.28.4-0ubuntu0.14.04.5+esm5

References

REPORThttps://ubuntu.com/security/CVE-2020-12399 ADVISORYhttps://ubuntu.com/security/notices/USN-4397-2

USN-4397-2

Details

Affected Packages

References

Upstream

Ecosystems

Timeline