7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
48.8%
Debian Security Advisory DSA-2339-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
November 07, 2011 http://www.debian.org/security/faq
Package : nss
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-3640
Debian Bug : 647614
This update to the NSS cryptographic libraries revokes the trust in the
"DigiCert Sdn. Bhd" certificate authority. More information can be found
in the Mozilla Security Blog:
http://blog.mozilla.com/security/2011/11/03/revoking-trust-in-digicert-sdn-bhd-intermediate-certificate-authority/
This update also fixes an insecure load path for pkcs11.txt configuration
file (CVE-2011-3640).
For the oldstable distribution (lenny), this problem has been fixed in
version 3.12.3.1-0lenny7.
For the stable distribution (squeeze), this problem has been fixed in
version 3.12.8-1+squeeze4.
For the unstable distribution (sid), this problem has been fixed in
version 3.13.1.with.ckbi.1.88-1.
We recommend that you upgrade your nss packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | amd64 | libnss3-1d | < 3.12.8-1+squeeze4 | libnss3-1d_3.12.8-1+squeeze4_amd64.deb |
Debian | 6 | i386 | libnss3-1d | < 3.12.8-1+squeeze4 | libnss3-1d_3.12.8-1+squeeze4_i386.deb |
Debian | 5 | i386 | libnss3-dev | < 3.12.3.1-0lenny7 | libnss3-dev_3.12.3.1-0lenny7_i386.deb |
Debian | 5 | mipsel | libnss3-1d | < 3.12.3.1-0lenny7 | libnss3-1d_3.12.3.1-0lenny7_mipsel.deb |
Debian | 6 | s390 | libnss3-tools | < 3.12.8-1+squeeze4 | libnss3-tools_3.12.8-1+squeeze4_s390.deb |
Debian | 5 | mips | libnss3-dev | < 3.12.3.1-0lenny7 | libnss3-dev_3.12.3.1-0lenny7_mips.deb |
Debian | 5 | sparc | libnss3-tools | < 3.12.3.1-0lenny7 | libnss3-tools_3.12.3.1-0lenny7_sparc.deb |
Debian | 5 | mipsel | libnss3-dev | < 3.12.3.1-0lenny7 | libnss3-dev_3.12.3.1-0lenny7_mipsel.deb |
Debian | 5 | amd64 | libnss3-1d | < 3.12.3.1-0lenny7 | libnss3-1d_3.12.3.1-0lenny7_amd64.deb |
Debian | 5 | alpha | libnss3-1d | < 3.12.3.1-0lenny7 | libnss3-1d_3.12.3.1-0lenny7_alpha.deb |