CVE-2017-5461

Priority
Medium
Description
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through
3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows
remote attackers to cause a denial of service (out-of-bounds write) or
possibly have unspecified other impact by leveraging incorrect base64
operations.
References
Bugs
Assigned-to
chrisccoulson
Package
Upstream:released (52.1.1)
Ubuntu 17.10 (Artful Aardvark):needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:52.1.1+build1-0ubuntu0.14.04.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1:52.1.1+build1-0ubuntu0.16.04.1)
Ubuntu 16.10 (Yakkety Yak):released (1:52.1.1+build1-0ubuntu0.16.10.1)
Ubuntu 17.04 (Zesty Zapus):released (1:52.1.1+build1-0ubuntu0.17.04.1)
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (3.28.4, 3.30.1)
Ubuntu 17.10 (Artful Aardvark):released (2:3.28.4-0ubuntu1)
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 LTS (Trusty Tahr):released (2:3.28.4-0ubuntu0.14.04.1)
Ubuntu Touch 15.04:needs-triage
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2:3.28.4-0ubuntu0.16.04.1)
Ubuntu 16.10 (Yakkety Yak):released (2:3.28.4-0ubuntu0.16.10.1)
Ubuntu 17.04 (Zesty Zapus):released (2:3.28.4-0ubuntu0.17.04.1)
Patches:
Upstream:https://hg.mozilla.org/projects/nss/rev/77a5bb81dbaa
Package
Upstream:released (53.0)
Ubuntu 17.10 (Artful Aardvark):needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored)
Ubuntu 14.04 LTS (Trusty Tahr):released (53.0+build6-0ubuntu0.14.04.1)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (53.0+build6-0ubuntu0.16.04.1)
Ubuntu 16.10 (Yakkety Yak):released (53.0+build6-0ubuntu0.16.10.1)
Ubuntu 17.04 (Zesty Zapus):released (53.0+build6-0ubuntu0.17.04.1)
More Information

Updated: 2017-05-18 03:14:19 UTC (commit 12579)