Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: 927-5: nspr update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPRneeded to use the new NSS. [More...]
Ubuntu Security Notice USN-927-5              June 29, 2010
nspr update

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  libnspr4-0d                     4.8-0ubuntu0.8.04.1

After a standard system upgrade you need to restart any applications that
use NSPR, such as Firefox, to effect the necessary changes.

Details follow:

USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR
needed to use the new NSS.

Original advisory details:

 Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
 protocols. If an attacker could perform a man in the middle attack at the
 start of a TLS connection, the attacker could inject arbitrary content at
 the beginning of the user's session. This update adds support for the new
 new renegotiation extension and will use it when the server supports it.

Updated packages for Ubuntu 8.04 LTS:

  Source archives:
      Size/MD5:    25304 a89005f28a3550016bfc1e1b03a62b47
      Size/MD5:     1538 34d6a5c74bd116bd51e3dd57cdad1bfb
      Size/MD5:  1170419 e0916a72bcc6c427551ea262183fdb26

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   287818 ccd48e60c0fc94bb62ce357876d0b8ec
      Size/MD5:   131152 a5dc7f6fe850270775c07dbd06c33b25
      Size/MD5:   272486 11cd7f75d678ab8c4f51cdfb2e56b6fa

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   279448 ef823fec69f35a619582f48731559c2a
      Size/MD5:   120418 cb1d35868cebbcaa3be4ad1b62cb4565
      Size/MD5:   259106 9432f78ec57a2b9238e8b9e810286246

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   282710 0155f10a5a55ef199630ee74fb84310d
      Size/MD5:   118914 ee8aa23a538679e11ec58e1aaa8538fe
      Size/MD5:   254744 449f1f6c5a296a5cf052dd1cde3634e4

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   289602 2f7d533c65882b5239ea50a86ce8e6ba
      Size/MD5:   134550 24887e23d18fcb7453c064e269556595
      Size/MD5:   266454 769f2f664f8e9cd2552ee7227a876d44

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   265440 a14c8b3841b429218a70126605bb383c
      Size/MD5:   118014 98544a4737bdb0be89fc3e2dcd0b00f3
      Size/MD5:   254672 90862aaf37e0c8695dfd7e5d5cef6342

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.