Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

USN-4060-1: NSS vulnerabilities

16 July 2019

Several security issues were fixed in NSS.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

  • nss - Network Security Service library

Details

Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing
certain curve25519 private keys. An attacker could use this issue to cause
NSS to crash, resulting in a denial of service, or possibly obtain
sensitive information. (CVE-2019-11719)

Hubert Kario discovered that NSS incorrectly handled PKCS#1 v1.5 signatures
when using TLSv1.3. An attacker could possibly use this issue to trick NSS
into using PKCS#1 v1.5 signatures, contrary to expectations. This issue
only applied to Ubuntu 19.04. (CVE-2019-11727)

Jonas Allmann discovered that NSS incorrectly handled certain p256-ECDH
public keys. An attacker could possibly use this issue to cause NSS to
crash, resulting in a denial of service. (CVE-2019-11729)

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
Ubuntu 18.04
Ubuntu 16.04

After a standard system update you need to restart any applications that
use NSS, such as Evolution, to make all the necessary changes.

Related notices

  • USN-4054-1: firefox-locale-es, firefox-locale-gl, firefox-locale-pl, firefox-locale-sl, firefox-locale-nl, firefox-locale-ms, firefox-locale-hsb, firefox-locale-sq, firefox-locale-or, firefox-locale-te, firefox-locale-fy, firefox-locale-ar, firefox-locale-fi, firefox-locale-fa, firefox-locale-az, firefox-locale-ta, firefox-locale-hu, firefox-locale-lg, firefox-locale-th, firefox-locale-kn, firefox-locale-nb, firefox-locale-xh, firefox-locale-mr, firefox-locale-as, firefox-locale-ur, firefox-locale-da, firefox-locale-it, firefox-locale-pa, firefox-dev, firefox-locale-my, firefox-locale-cy, firefox-locale-ne, firefox-locale-br, firefox-locale-ku, firefox-locale-bs, firefox-locale-id, firefox-locale-af, firefox-locale-en, firefox-locale-lt, firefox-locale-sw, firefox-locale-ast, firefox-locale-zh-hant, firefox-locale-kab, firefox-locale-an, firefox-locale-ca, firefox-locale-gu, firefox-locale-ia, firefox-geckodriver, firefox-locale-bg, firefox-locale-gd, firefox-locale-ja, firefox-locale-ml, firefox-locale-tr, firefox-locale-be, firefox-mozsymbols, firefox-locale-eo, firefox-locale-lv, firefox-locale-gn, firefox-locale-kk, firefox-locale-mk, firefox-locale-km, firefox-locale-de, firefox, firefox-locale-et, firefox-locale-eu, firefox-locale-cak, firefox-locale-fr, firefox-locale-mai, firefox-locale-si, firefox-locale-oc, firefox-locale-hi, firefox-locale-ka, firefox-locale-csb, firefox-locale-vi, firefox-locale-ru, firefox-locale-uz, firefox-locale-sv, firefox-locale-is, firefox-locale-zh-hans, firefox-locale-sk, firefox-locale-ro, firefox-locale-uk, firefox-locale-pt, firefox-locale-ko, firefox-locale-hy, firefox-locale-ga, firefox-locale-he, firefox-locale-el, firefox-locale-mn, firefox-locale-cs, firefox-locale-sr, firefox-locale-zu, firefox-locale-nso, firefox-locale-hr, firefox-locale-nn, firefox-globalmenu, firefox-locale-bn
  • USN-4064-1: thunderbird-locale-ca, thunderbird-locale-ko, thunderbird-locale-pa-in, thunderbird-dev, thunderbird-globalmenu, thunderbird-locale-ga, thunderbird-locale-sv-se, thunderbird-locale-fr, thunderbird-locale-nb, thunderbird-locale-si, thunderbird-locale-zh-hant, thunderbird-locale-gl, thunderbird-locale-sr, thunderbird-locale-vi, thunderbird-locale-en, thunderbird-locale-nl, thunderbird-locale-af, thunderbird-locale-uk, thunderbird-locale-en-gb, thunderbird-locale-ru, thunderbird-mozsymbols, thunderbird-locale-et, thunderbird-locale-hr, thunderbird-locale-nn-no, xul-ext-calendar-timezones, thunderbird-locale-ar, thunderbird-locale-rm, thunderbird-locale-is, thunderbird-locale-tr, thunderbird-locale-fy, thunderbird-locale-bg, thunderbird-locale-sv, thunderbird-locale-nb-no, thunderbird-locale-nn, thunderbird-locale-es, thunderbird-locale-sk, thunderbird-locale-kab, thunderbird-locale-fy-nl, thunderbird-locale-hu, thunderbird-gnome-support, thunderbird-locale-pt, thunderbird-locale-kk, thunderbird-locale-sq, thunderbird-locale-pt-br, thunderbird-locale-eu, thunderbird-locale-ro, thunderbird-locale-zh-cn, xul-ext-gdata-provider, thunderbird-locale-it, thunderbird-locale-ast, thunderbird-locale-ga-ie, thunderbird-locale-lt, thunderbird-locale-gd, thunderbird-locale-cy, thunderbird-locale-ja, thunderbird-locale-fi, thunderbird-locale-be, thunderbird-locale-pa, thunderbird-locale-ka, thunderbird-locale-cs, thunderbird-locale-ta, thunderbird-locale-da, thunderbird-locale-es-ar, thunderbird, thunderbird-locale-el, thunderbird-locale-ms, thunderbird-locale-zh-tw, thunderbird-locale-id, thunderbird-locale-ta-lk, thunderbird-locale-dsb, thunderbird-locale-br, thunderbird-locale-en-us, thunderbird-locale-pt-pt, xul-ext-lightning, thunderbird-locale-mk, thunderbird-locale-hy, thunderbird-locale-bn, thunderbird-locale-es-es, thunderbird-locale-sl, thunderbird-locale-pl, thunderbird-locale-de, thunderbird-locale-he, thunderbird-locale-bn-bd, thunderbird-locale-zh-hans, thunderbird-locale-hsb
  • USN-4060-2: libnss3-dev, libnss3, libnss3-nssdb, libnss3-1d, libnss3-tools, nss