USN-2791-1: NSS vulnerabilities
04 November 2015
NSS could be made to crash or run programs if it received specially crafted input.
- nss - Network Security Service library
Tyson Smith and David Keeler discovered that NSS incorrectly handled
decoding certain ASN.1 data. An remote attacker could use this issue to
cause NSS to crash, resulting in a denial of service, or possibly execute
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart any applications that
use NSS, such as Evolution and Chromium, to make all the necessary changes.