Monday, January 14, 2013

[USN-1687-2] NSPR update

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJQ9I77AAoJEFHb3FjMVZVz6LEP/ilzEpVUuKP6H76TVD75iZY4
Wmi71zPX4rkOeq+YdsrUi/I0PR2lcooF6GbqAzmVbHuSSXfY2LHp7aUbH3tFa0yf
bLbbyQNVO+GgUiIZTXaQ38RHftRPYAR1Ep/4VymovdArGB9Yz/AG6m76A7JwR1F3
Z9btVAdyz/WRaSGpSS2154yyzBE88us4+PkndAoKfmcsqBGjhvDveq00gCPOttq3
uGIHdeNT6HMAStggEQTQbk5W/rTsvBQUaBN4fVjb0NvD0f57GyCIrt6UgVgLshoS
msXZei2tt9djh1+k1RT22eP0EqyoW2dDGfQWcCuQ4u1KsJeyFpmGn+1GBMwsk6mF
BadckbKm5y9sqzB87iv1Le/r/rkXj60YnwYhm0jJZmXbveHfzset21055r9fr9q4
EZtE/gA/zZdCGIdoLUa7Rn8nDdt8yc6UzoN/CdOkikEGBa9sWKV2kmH2uGyYEkyl
XyPEGeN2nWQHNbwAsU3n997gh2y8xUK2UnW1EWnRPM8LmPB9rwLEqO5co7Up/R/3
k5+uzp2qt8Z6EaLdm1jvEZ5+OhzTKd71s8bYCb1VH0Q24rmOeYooFaORU4Xx5bGZ
GQxDza1Qty/rf0ENwBBLZGBJet1MueB51Iq1muku8LoznoZG2ZKJEDo0eogH9xhC
FmN7GfWFRolIYZNHD8MT
=Px82
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1687-2
January 14, 2013

nspr update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

NSPR update to work with the new NSS.

Software Description:
- nspr: NetScape Portable Runtime Library

Details:

USN-1687-1 fixed a vulnerability NSS. This update provides the NSPR needed
to use the new NSS.

Original advisory details:

Two intermediate CA certificates were mis-issued by the TURKTRUST
certificate authority. If a remote attacker were able to perform a
man-in-the-middle attack, this flaw could be exploited to view sensitive
information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
libnspr4-0d 4.9.4-0ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libnspr4-0d 4.9.4-0ubuntu0.12.04.1

Ubuntu 11.10:
libnspr4-0d 4.9.4-0ubuntu0.11.10.1

Ubuntu 10.04 LTS:
libnspr4-0d 4.9.4-0ubuntu0.10.04.1

After a standard system update you need to restart any applications that
use NSS, such as Evolution and Chromium, to make all the necessary
changes.

References:
http://www.ubuntu.com/usn/usn-1687-2
http://www.ubuntu.com/usn/usn-1687-1
CVE-2013-0743

Package Information:
https://launchpad.net/ubuntu/+source/nspr/4.9.4-0ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/nspr/4.9.4-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/nspr/4.9.4-0ubuntu0.11.10.1
https://launchpad.net/ubuntu/+source/nspr/4.9.4-0ubuntu0.10.04.1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)