Your submission was sent successfully! Close

CVE-2016-2834

Published: 08 June 2016

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (47.0)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (47.0+build3-0ubuntu0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [47.0+build3-0ubuntu0.14.04.1])
nss
Launchpad, Ubuntu, Debian
Upstream
Released (3.23)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2:3.23-0ubuntu0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2:3.23-0ubuntu0.14.04.1)
Patches:
Upstream: https://hg.mozilla.org/projects/nss/rev/8d78a5ae260a (1221620)
Upstream: https://hg.mozilla.org/projects/nss/rev/99beadb15243 (1221620, tests)
Upstream: https://hg.mozilla.org/projects/nss/rev/5cbc92f72be3 (1221620, windows fix)
Upstream: https://hg.mozilla.org/projects/nss/rev/1ba7cd83c672 (1206283)
Upstream: https://hg.mozilla.org/projects/nss/rev/5fde729fdbff (1241034)
Upstream: https://hg.mozilla.org/projects/nss/rev/329932eb1700 (1241037)
thunderbird
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 16.04 ESM (Xenial Xerus)
Released (1:52.4.0+build1-0ubuntu0.16.04.2)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1:52.4.0+build1-0ubuntu0.14.04.2])