Hi,
For the record, this is fixed in upstream release 3.14.3.
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.14.3_release_notes
Cheers,
Thijs
signature.asc
Description: This is a digitally signed message part.
Package: nss
Severity: serious
Tags: security
Hi,
Nadhem Alfardan and Kenny Paterson have discovered a weakness in the handling
of CBC ciphersuites in SSL, TLS and DTLS. Their attack exploits timing
differences arising during MAC processing. Details of this attack can be
found at: http://www.isg.
2 matches
Mail list logo
