| Package | nss |
|---|---|
| Version | 2:3.26-1+debu7u6 |
| Related CVEs | CVE-2018-12404 CVE-2018-18508 |
Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library.
CVE-2018-12404
Cache side-channel variant of the Bleichenbacher attack
CVE-2018-18508
NULL pointer dereference in several CMS functions resulting in a
denial of service
For Debian 7 Wheezy, these problems have been fixed in version 2:3.26-1+debu7u6.
We recommend that you upgrade your nss packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.