exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 927-5

Ubuntu Security Notice 927-5
Posted Jun 30, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-5 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
SHA-256 | cfd634fb24047359c0e62ceceef5286082e5e64673dab584fded15053ba4643b

Ubuntu Security Notice 927-5

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-927-5 June 29, 2010
nspr update
https://launchpad.net/bugs/599920
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
libnspr4-0d 4.8-0ubuntu0.8.04.1

After a standard system upgrade you need to restart any applications that
use NSPR, such as Firefox, to effect the necessary changes.

Details follow:

USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR
needed to use the new NSS.

Original advisory details:

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
protocols. If an attacker could perform a man in the middle attack at the
start of a TLS connection, the attacker could inject arbitrary content at
the beginning of the user's session. This update adds support for the new
new renegotiation extension and will use it when the server supports it.


Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.8.04.1.diff.gz
Size/MD5: 25304 a89005f28a3550016bfc1e1b03a62b47
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.8.04.1.dsc
Size/MD5: 1538 34d6a5c74bd116bd51e3dd57cdad1bfb
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8.orig.tar.gz
Size/MD5: 1170419 e0916a72bcc6c427551ea262183fdb26

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_amd64.deb
Size/MD5: 287818 ccd48e60c0fc94bb62ce357876d0b8ec
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_amd64.deb
Size/MD5: 131152 a5dc7f6fe850270775c07dbd06c33b25
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_amd64.deb
Size/MD5: 272486 11cd7f75d678ab8c4f51cdfb2e56b6fa

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_i386.deb
Size/MD5: 279448 ef823fec69f35a619582f48731559c2a
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_i386.deb
Size/MD5: 120418 cb1d35868cebbcaa3be4ad1b62cb4565
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_i386.deb
Size/MD5: 259106 9432f78ec57a2b9238e8b9e810286246

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_lpia.deb
Size/MD5: 282710 0155f10a5a55ef199630ee74fb84310d
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_lpia.deb
Size/MD5: 118914 ee8aa23a538679e11ec58e1aaa8538fe
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_lpia.deb
Size/MD5: 254744 449f1f6c5a296a5cf052dd1cde3634e4

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_powerpc.deb
Size/MD5: 289602 2f7d533c65882b5239ea50a86ce8e6ba
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_powerpc.deb
Size/MD5: 134550 24887e23d18fcb7453c064e269556595
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_powerpc.deb
Size/MD5: 266454 769f2f664f8e9cd2552ee7227a876d44

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.8.04.1_sparc.deb
Size/MD5: 265440 a14c8b3841b429218a70126605bb383c
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.8.04.1_sparc.deb
Size/MD5: 118014 98544a4737bdb0be89fc3e2dcd0b00f3
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.8.04.1_sparc.deb
Size/MD5: 254672 90862aaf37e0c8695dfd7e5d5cef6342



Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close