| Errata ID | 301 |
|---|---|
| Date | 2015-09-02 |
| Source package | nss |
| Fixed in version | 2:3.14.5-1.29.201508290003 |
| Description | Multiple security vulnerabilities have been fixed in the Network Security Service library (nss): * NSS incorrectly permits skipping of ServerKeyExchange (CVE-2015-2721) * ECDSA signature validation fails to handle some signatures correctly (CVE-2015-2730) * ASN.1 DER decoding of lengths is too permissive (CVE-2014-1569) |
| Additional notes | |
| CVE ID | CVE-2015-2721 CVE-2015-2730 CVE-2014-1569 |
| UCS Bug number | #37045 |
