Your submission was sent successfully! Close

CVE-2020-12413

Published: 25 September 2020

[racoon attack for NSS]

Priority

Low

Status

Package Release Status
nss
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

precise Ignored
(end of ESM support, was needs-triage)
trusty Needs triage

upstream Needs triage

xenial Needs triage

Notes

AuthorNote
mdeslaur
nss doesn't reuse DHE keys, but does reuse ECDHE keys, which is
not problematic for the moment. See page 13 of
https://raccoon-attack.com/RacoonAttack.pdf
and the nss release notes for 3.17:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17_release_notes

References

Bugs