USN-1106-1: NSS vulnerabilities

06 April 2011

Update to blacklist fraudulent Comodo certificates



  • nss - Transition package for Network Security Service libraries


It was discovered that several invalid HTTPS certificates were issued and
revoked. An attacker could exploit these to perform a man in the middle
attack to view sensitive information or alter encrypted communications.
These certificates were marked as explicitly not trusted to prevent their

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.10
Ubuntu 8.04
Ubuntu 10.10
Ubuntu 10.04

After a standard system update you need to restart any applications that
use NSS, such as Thunderbird or Evolution, to make all the necessary