system/nss: multiple vulnerabilities
| Bugzilla ID | 164 |
| Alias(es) | CVE-2019-11719, CVE-2019-11727, CVE-2019-11729 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2019-07-31 10:51:33 -0500 |
| Modified | 2019-08-04 19:27:23 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
Description
CVE-2019-11719: https://nvd.nist.gov/vuln/detail/CVE-2019-11719
When importing a curve25519 private key in PKCS#8format with leading
0x00 bytes, it is possible to trigger an out-of-bounds read in the
Network Security Services (NSS) library. This could lead to
information disclosure. This vulnerability affects Firefox ESR < 60.8,
Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11727: https://nvd.nist.gov/vuln/detail/CVE-2019-11727
A vulnerability exists where it possible to force Network Security
Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures
when those are the only ones advertised by server in
CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be
used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
CVE-2019-11729: https://nvd.nist.gov/vuln/detail/CVE-2019-11729
Empty or malformed p256-ECDH public keys may trigger a segmentation
fault due values being improperly sanitized before being copied into
memory and used. This vulnerability affects Firefox ESR < 60.8,
Firefox < 68, and Thunderbird < 60.8.
All fixed in >= 3.45.