USN-2063-1: NSS vulnerability
20 December 2013
Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
- nss - Network Security Service library
It was discovered that an intermediate certificate was incorrectly issued
by a subordinate certificate authority of a trusted CA included in NSS.
This intermediate certificate could be used in a man-in-the-middle attack,
and has such been marked as untrusted in this update.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart any applications that
use NSS, such as Evolution and Chromium, to make all the necessary changes.