-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: nss Binary: libnss3, libnss3-1d, libnss3-tools, libnss3-dev, libnss3-dbg Architecture: any Version: 2:3.14.5-1+deb7u4 Maintainer: Maintainers of Mozilla-related packages <[email protected]> Uploaders: Mike Hommey <[email protected]> Homepage: http://www.mozilla.org/projects/security/pki/nss/ Standards-Version: 3.9.3.0 Vcs-Browser: http://git.debian.org/?p=pkg-mozilla/nss.git Vcs-Git: git://git.debian.org/git/pkg-mozilla/nss.git Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1.1~), libnspr4-dev (>= 2:4.9), zlib1g-dev, libsqlite3-dev (>= 3.3.9) Package-List: libnss3 deb libs optional libnss3-1d deb oldlibs extra libnss3-dbg deb debug extra libnss3-dev deb libdevel optional libnss3-tools deb admin optional Checksums-Sha1: d977d50bbd78c7cae520a57781c19c07927f5b7e 6189507 nss_3.14.5.orig.tar.gz d7a36ddaf8f28c0480f4ed4c59169d8718280713 50232 nss_3.14.5-1+deb7u4.debian.tar.gz Checksums-Sha256: 61f3493117483c85ef343fc7f22e1b3b7bff14580c632523d939eea8c5849216 6189507 nss_3.14.5.orig.tar.gz c8e51b22d2ff59ef28333fa288f4c71fdb88fd420153a43e6d891dc22374278f 50232 nss_3.14.5-1+deb7u4.debian.tar.gz Files: 73cf5c23206f7d333853aea697a0e7c9 6189507 nss_3.14.5.orig.tar.gz a001adf4942fcaf1c8b4ea1806b558e2 50232 nss_3.14.5-1+deb7u4.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVAecCAAoJEAVMuPMTQ89ELpAP/AmXtLUshGQbblqDjCX4xICv wGyMuLGXZJAEomMdUV10q5hZrzBuXmQDpkjFMpnFfT53YSZys7+PgraBoWma/0Ha e7cZeiew2ZIFFhIZj6iceXGeoSqgb/HArzA3l3EccEc+9G37/l9fFN/+/dmBJ0TM URqw03DaUfr48Lzrv/G5ZPfK9kmWV9WlMEfgWmxrqOyiIdxdrd8B2K6xs1w+xe9v cE7GEpSK32yf7IwYg1rtKfqq637FyTRbvDxbJd4U/NBH9x5U4FZpXHsID+Svudd6 pbLJ76CCEaLt2yAWaLDj/zVHItLJEiofhHQsIMa13yQtSU7Pv8qPGmbemI6WWyVy g82ZsbKsLuD7Xu9737D09sJyE54mO2DE3Mwe98GEElSNcXoFxeVa4cJmOlVTSh01 LSltdUNJ9mxmPHY0g34h4MAsUUZFEzLRuIYZrbC1ebdu0CF1TdqIq3DTTZR/rmTd jkDB8rDdFA2hjii6x2ESMded92jUAr01UO640ds9SsO0uJbw6qIzW0rGdtLEIbBI 3Qgy924mCW0iBhIvqLb+pHw60DzwmZrgrCV/rBp6lgN6OqHm1P2KlATKNbjs/o3O bsa1p0k4f5f68YzSvSd1oh1Eca0aeHxyq1UiMljO8x/cyx5wj8Uf/1Gln5aLXjJi lMAil7AQkhIheBKTArdC =Tnif -----END PGP SIGNATURE----- Changes: nss (2:3.14.5-1+deb7u4) wheezy-security; urgency=high * Non-maintainer upload by the Security Team. * Add CVE-2014-1569.patch. CVE-2014-1569: ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data. (Closes: #773625) -- Salvatore Bonaccorso <[email protected]> Mon, 29 Dec 2014 16:11:33 +0100
