mozilla-nss: update to avoid signature forgery
Mozilla NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates.
-
Submitted by
Wolfgang Rosenauer (wrosenauer)
Fixed bugs
bnc#897890
VUL-0: EMBARGOED: mozilla-nss: certificate forgery possible
