CVE-2010-3173 (retired)

Priority
Description
The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before
3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey
before 2.0.9 does not properly set the minimum key length for
Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote
attackers to defeat cryptographic protection mechanisms via a brute-force
attack.
Notes
 jdstrand> update merely enforces a stronger key length
 jdstrand> needs new NSPR
Assigned-to
chriscoulson
Package
Source: nspr (LP Ubuntu Debian)
Upstream:released (4.8.6)
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (3.12.8)
More Information

Updated: 2019-09-19 15:32:59 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)