CVE-2018-12384 (retired)

Priority
Description
ServerHello.random is all zero when handling a v2-compatible ClientHello
Assigned-to
mdeslaur
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (3.36.5,3.39)
Ubuntu 12.04 ESM (Precise Pangolin):released (2:3.28.4-0ubuntu0.12.04.2)
Ubuntu 14.04 LTS (Trusty Tahr):released (2:3.28.4-0ubuntu0.14.04.4)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:3.28.4-0ubuntu0.16.04.4)
Ubuntu 18.04 LTS (Bionic Beaver):released (2:3.35-2ubuntu2.1)
Ubuntu 18.10 (Cosmic Cuttlefish):released (2:3.36.1-1ubuntu1.1)
Ubuntu 19.04 (Disco Dingo):not-affected (2:3.39-1ubuntu1)
Patches:
Upstream:https://hg.mozilla.org/projects/nss/rev/46f9a1f40c3d (3.36)
Upstream:https://hg.mozilla.org/projects/nss/rev/f182a11fbe53 (3.36)
More Information

Updated: 2019-03-26 12:27:00 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)