[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43419 Download | Alert*

This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures .

This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures .

This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to fix various issues: FIPS 140-3 enablement patches were backported from SUSE Linux Enterprise 15. - FIPS: add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck . - FIPS: mark algorithms as approved/non-approved according to security policy . - FISP: remove hard disabling of unapproved algo ...

This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures .

Tavis Ormandy discovered that nss, the Mozilla Network Security Service library, is prone to a heap overflow flaw when verifying DSA or RSA-PPS signatures, which could result in denial of service or potentially the execution of arbitrary code.

nss: Network Security Service library NSS could be made to crash or run programs if it verified a specially crafted signature.

thunderbird: Mozilla Open Source mail and newsgroup client Thunderbird could be made to crash or run programs if it verified a specially crafted signature.

[CLSA-2021:1640002354] Fixed CVE-2021-43527 in nss

netqmail: a secure, reliable, efficient, simple message transfer agent netqmail could be made to crash or run programs as any user if it received specially crafted network traffic.

Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail which could result in the execution of arbitrary code, bypass of mail address verification and a local information leak whether a file exists or not.


Pages:      Start    1514    1515    1516    1517    1518    1519    1520    1521    1522    1523    1524    1525    1526    1527    ..   4341

© SecPod Technologies