CVE-2020-12400

Priority
Description
[P-384 and P-521 implementation uses a side-channel vulnerable modular
inversion function]
Notes
Package
Upstream:released (80)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (80.0+build2-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (80.0+build2-0ubuntu0.18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):released (80.0+build2-0ubuntu0.20.04.1)
Ubuntu 20.10 (Groovy Gorilla):pending (80.0+build2-0ubuntu2)
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (2:3.55-1)
Ubuntu 12.04 ESM (Precise Pangolin):released (2:3.28.4-0ubuntu0.12.04.10)
Ubuntu 14.04 ESM (Trusty Tahr):released (2:3.28.4-0ubuntu0.14.04.5+esm7)
Ubuntu 16.04 LTS (Xenial Xerus):released (2:3.28.4-0ubuntu0.16.04.13)
Ubuntu 18.04 LTS (Bionic Beaver):released (2:3.35-2ubuntu2.11)
Ubuntu 20.04 LTS (Focal Fossa):released (2:3.49.1-1ubuntu1.4)
Ubuntu 20.10 (Groovy Gorilla):released (2:3.55-1ubuntu1)
Patches:
Upstream:https://hg.mozilla.org/projects/nss/rev/e55ab3145546ae3cf1333b43956a974675d2d25c
Upstream:https://hg.mozilla.org/projects/nss/rev/3f022d5eca5d3cd0e366a825a5681953d76299d0
More Information

Updated: 2020-09-22 16:14:42 UTC (commit d809b9c447f23c03e553d3212b8e38faa2ec2582)