Bug#726473: nss: CVE-2013-1739
Mike Hommey
mh at glandium.org
Sun Oct 20 23:13:24 UTC 2013
On Wed, Oct 16, 2013 at 12:26:49AM -0400, Michael Gilbert wrote:
> package: nss
> version: 3.12.8-1
> severity: grave
> tag: security
>
> Hi,
>
> A security issue was recently fixed in nss 3.15.2:
> [0] https://security-tracker.debian.org/tracker/CVE-2013-1739
>
> For unstable, its probably easiest to just update directly to the
> latest upstream version to fix this. Actual patch is still behind a
> restricted bug report, so I was not able to fully check affected
> versions.
The bug was introduced in 3.14.3, so it doesn't affect squeeze. It does,
however affect wheezy.
Mike
More information about the pkg-mozilla-maintainers
mailing list