NSS vulnerability

2016-01-07T00:00:00
ID USN-2864-1
Type ubuntu
Reporter Ubuntu
Modified 2016-01-07T00:00:00

Description

Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly
allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were
able to perform a man-in-the-middle attack, this flaw could be exploited to
view sensitive information.