USN-4397-2

Details

USN-4397-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker could possibly use this issue to perform a timing attack and recover DSA keys. (CVE-2020-12399)

Affected Packages

nss

Ubuntu Pro 14.04 LTS

Fixed in:

2:3.28.4-0ubuntu0.14.04.5+esm5

References

REPORT

https://ubuntu.com/security/CVE-2020-12399

ADVISORY

https://ubuntu.com/security/notices/USN-4397-2