CVE-2010-3173

Priority
Low
Description
The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before
3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey
before 2.0.9 does not properly set the minimum key length for
Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote
attackers to defeat cryptographic protection mechanisms via a brute-force
attack.
References
Notes
jdstrand> update merely enforces a stronger key length
jdstrand> needs new NSPR
Assigned-to
chriscoulson
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (3.12.8)
Package
Source: nspr (LP Ubuntu Debian)
Upstream:released (4.8.6)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-15 19:34:52 UTC (commit 9690)