exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 927-7

Ubuntu Security Notice 927-7
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-7 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
SHA-256 | 029b0a950c4c98aaeb2e0905f2a79e7e3fc90edc62763387ac0165267b47cd4a

Ubuntu Security Notice 927-7

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-927-7 July 23, 2010
nspr update
https://launchpad.net/bugs/599920
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
libnspr4-0d 4.8-0ubuntu0.9.04.1

After a standard system upgrade you need to restart any applications that
use NSPR, such as Firefox, to effect the necessary changes.

Details follow:

USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR
needed to use the new NSS.

Original advisory details:

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
protocols. If an attacker could perform a man in the middle attack at the
start of a TLS connection, the attacker could inject arbitrary content at
the beginning of the user's session. This update adds support for the new
new renegotiation extension and will use it when the server supports it.


Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.9.04.1.diff.gz
Size/MD5: 27026 f2398e87d490d3fcec3fb0cf6be4369e
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8-0ubuntu0.9.04.1.dsc
Size/MD5: 1538 73ab6665a42a128aae384a57d336b339
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/nspr_4.8.orig.tar.gz
Size/MD5: 1170419 e0916a72bcc6c427551ea262183fdb26

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 299974 dcd8d5e9686f5f7f99a8857dac45383c
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 134790 4b51097d2e6109e840355707e0259def
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_amd64.deb
Size/MD5: 275134 8686b65317122f6a424307cd079239b0

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_i386.deb
Size/MD5: 290400 1181db3e0a182a85380d0972767fe471
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_i386.deb
Size/MD5: 124714 43d66c5b716b96ae8a0d1528b37dd1a5
http://security.ubuntu.com/ubuntu/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_i386.deb
Size/MD5: 262838 a75f067e1e5acbe121c2117500b35f9e

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 294636 70bebd4c6b76ebb9c5142b8562ae17fe
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 123022 c353d7e06a660701f9a00f1c486c851c
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_lpia.deb
Size/MD5: 258346 68fa5a2fd7b83f14256819eb92a7b320

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 302240 5fdd091450094dd2a98036a45f052042
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 138700 241261a023edac62998bf23af20cb5e2
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_powerpc.deb
Size/MD5: 271168 19b21e913ab0c795944b34f52e7851c1

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d-dbg_4.8-0ubuntu0.9.04.1_sparc.deb
Size/MD5: 276302 38b547b2c0124ef1f7d2486ea035f102
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-0d_4.8-0ubuntu0.9.04.1_sparc.deb
Size/MD5: 120370 169c60aa33f026b9cf5f922bac904e47
http://ports.ubuntu.com/pool/main/n/nspr/libnspr4-dev_4.8-0ubuntu0.9.04.1_sparc.deb
Size/MD5: 256322 62ba95c7de8f9288f6583e9d35dd7d22



Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close