what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 927-5

Ubuntu Security Notice 927-5
Posted Jun 30, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-5 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
SHA-256 | cfd634fb24047359c0e62ceceef5286082e5e64673dab584fded15053ba4643b

Ubuntu Security Notice 927-5

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-927-5 June 29, 2010
nspr update
https://launchpad.net/bugs/599920
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
libnspr4-0d 4.8-0ubuntu0.8.04.1

After a standard system upgrade you need to restart any applications that
use NSPR, such as Firefox, to effect the necessary changes.

Details follow:

USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR
needed to use the new NSS.

Original advisory details:

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
protocols. If an attacker could perform a man in the middle attack at the
start of a TLS connection, the attacker could inject arbitrary content at
the beginning of the user's session. This update adds support for the new
new renegotiation extension and will use it when the server supports it.


Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.8.04.1.diff.gz
Size/MD5: 25304 a89005f28a3550016bfc1e1b03a62b47
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.8.04.1.dsc
Size/MD5: 1538 34d6a5c74bd116bd51e3dd57cdad1bfb
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8.orig.tar.gz
Size/MD5: 1170419 e0916a72bcc6c427551ea262183fdb26

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_amd64.deb
Size/MD5: 287818 ccd48e60c0fc94bb62ce357876d0b8ec
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_amd64.deb
Size/MD5: 131152 a5dc7f6fe850270775c07dbd06c33b25
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_amd64.deb
Size/MD5: 272486 11cd7f75d678ab8c4f51cdfb2e56b6fa

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_i386.deb
Size/MD5: 279448 ef823fec69f35a619582f48731559c2a
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_i386.deb
Size/MD5: 120418 cb1d35868cebbcaa3be4ad1b62cb4565
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_i386.deb
Size/MD5: 259106 9432f78ec57a2b9238e8b9e810286246

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_lpia.deb
Size/MD5: 282710 0155f10a5a55ef199630ee74fb84310d
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_lpia.deb
Size/MD5: 118914 ee8aa23a538679e11ec58e1aaa8538fe
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_lpia.deb
Size/MD5: 254744 449f1f6c5a296a5cf052dd1cde3634e4

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_powerpc.deb
Size/MD5: 289602 2f7d533c65882b5239ea50a86ce8e6ba
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_powerpc.deb
Size/MD5: 134550 24887e23d18fcb7453c064e269556595
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_powerpc.deb
Size/MD5: 266454 769f2f664f8e9cd2552ee7227a876d44

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_sparc.deb
Size/MD5: 265440 a14c8b3841b429218a70126605bb383c
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_sparc.deb
Size/MD5: 118014 98544a4737bdb0be89fc3e2dcd0b00f3
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_sparc.deb
Size/MD5: 254672 90862aaf37e0c8695dfd7e5d5cef6342



Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close