Ubuntu Security Notice 927-7

Ubuntu Security Notice 927-7: Posted Jul 23, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 927-7 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.; tags | advisory, arbitrary, vulnerability, protocol; systems | linux, ubuntu; SHA-256 | 029b0a950c4c98aaeb2e0905f2a79e7e3fc90edc62763387ac0165267b47cd4a; Download | Favorite | View

Ubuntu Security Notice 927-7

===========================================================
Ubuntu Security Notice USN-927-7              July 23, 2010
nspr update
https://launchpad.net/bugs/599920
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
  libnspr4-0d                     4.8-0ubuntu0.9.04.1

After a standard system upgrade you need to restart any applications that
use NSPR, such as Firefox, to effect the necessary changes.

Details follow:

USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR
needed to use the new NSS.

Original advisory details:

 Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
 protocols. If an attacker could perform a man in the middle attack at the
 start of a TLS connection, the attacker could inject arbitrary content at
 the beginning of the user's session. This update adds support for the new
 new renegotiation extension and will use it when the server supports it.


Updated packages for Ubuntu 9.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.9.04.1.diff.gz
      Size/MD5:    27026 f2398e87d490d3fcec3fb0cf6be4369e
    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.9.04.1.dsc
      Size/MD5:     1538 73ab6665a42a128aae384a57d336b339
    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8.orig.tar.gz
      Size/MD5:  1170419 e0916a72bcc6c427551ea262183fdb26

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_amd64.deb
      Size/MD5:   299974 dcd8d5e9686f5f7f99a8857dac45383c
    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_amd64.deb
      Size/MD5:   134790 4b51097d2e6109e840355707e0259def
    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_amd64.deb
      Size/MD5:   275134 8686b65317122f6a424307cd079239b0

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_i386.deb
      Size/MD5:   290400 1181db3e0a182a85380d0972767fe471
    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_i386.deb
      Size/MD5:   124714 43d66c5b716b96ae8a0d1528b37dd1a5
    http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_i386.deb
      Size/MD5:   262838 a75f067e1e5acbe121c2117500b35f9e

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_lpia.deb
      Size/MD5:   294636 70bebd4c6b76ebb9c5142b8562ae17fe
    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_lpia.deb
      Size/MD5:   123022 c353d7e06a660701f9a00f1c486c851c
    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_lpia.deb
      Size/MD5:   258346 68fa5a2fd7b83f14256819eb92a7b320

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_powerpc.deb
      Size/MD5:   302240 5fdd091450094dd2a98036a45f052042
    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_powerpc.deb
      Size/MD5:   138700 241261a023edac62998bf23af20cb5e2
    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_powerpc.deb
      Size/MD5:   271168 19b21e913ab0c795944b34f52e7851c1

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_sparc.deb
      Size/MD5:   276302 38b547b2c0124ef1f7d2486ea035f102
    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_sparc.deb
      Size/MD5:   120370 169c60aa33f026b9cf5f922bac904e47
    http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_sparc.deb
      Size/MD5:   256322 62ba95c7de8f9288f6583e9d35dd7d22

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 65 files
LiquidWorm 24 files
Debian 18 files
indoushka 15 files
Apple 9 files
Google Security Research 7 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,155)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,819)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,239)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,968)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Ubuntu Security Notice 927-7

Ubuntu Security Notice 927-7

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice 927-7

Share This

Ubuntu Security Notice 927-7

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems