Overview

File _patchinfo of Package patchinfo.3024

<patchinfo incident="mozilla-nss">
  <packager>wrosenauer</packager>
  <issue tracker="bnc" id="897890">VUL-0: EMBARGOED: mozilla-nss: certificate forgery possible</issue>
  <issue tracker="cve" id="CVE-2014-1568"></issue>
  <issue tracker="bmo" id="1064636"></issue>
  <issue tracker="bmo" id="1069405"></issue>
  <category>security</category>
  <rating>critical</rating>
  <summary>mozilla-nss: update to avoid signature forgery</summary>
  <description>Mozilla NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates.</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places