Changeset View
Changeset View
Standalone View
Standalone View
security/vuxml/vuln.xml
- This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 Lines • Show All 3,467 Lines • ▼ Show 20 Lines | |||||
<vuln vid="e71fd9d3-af47-11e7-a633-009c02a2ab30"> | <vuln vid="e71fd9d3-af47-11e7-a633-009c02a2ab30"> | ||||
<topic>nss -- Use-after-free in TLS 1.2 generating handshake hashes</topic> | <topic>nss -- Use-after-free in TLS 1.2 generating handshake hashes</topic> | ||||
<affects> | <affects> | ||||
<package> | <package> | ||||
<name>nss</name> | <name>nss</name> | ||||
<name>linux-c6-nss</name> | <name>linux-c6-nss</name> | ||||
<name>linux-c7-nss</name> | <name>linux-c7-nss</name> | ||||
<range><ge>3.32</ge><lt>3.32.1</lt></range> | <range><ge>3.32</ge><lt>3.32.1</lt></range> | ||||
<range><ge>3.28</ge><lt>3.28.6</lt></range> | <range><ge>3.28</ge><lt>3.28.4_2</lt></range> | ||||
<range><ge>3.28.5</ge><lt>3.28.6</lt></range> | |||||
</package> | </package> | ||||
</affects> | </affects> | ||||
<description> | <description> | ||||
<body xmlns="http://www.w3.org/1999/xhtml"> | <body xmlns="http://www.w3.org/1999/xhtml"> | ||||
<p>Mozilla reports:</p> | <p>Mozilla reports:</p> | ||||
<blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805"> | <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805"> | ||||
<p>During TLS 1.2 exchanges, handshake hashes are generated which | <p>During TLS 1.2 exchanges, handshake hashes are generated which | ||||
point to a message buffer. This saved data is used for later | point to a message buffer. This saved data is used for later | ||||
▲ Show 20 Lines • Show All 9,991 Lines • Show Last 20 Lines |