[arch-security] [ASA-201412-18] nss: signature forgery
Arch Linux Security Advisory ASA-201412-18
==========================================

Severity: High
Date    : 2014-12-16
CVE-ID  : CVE-2014-1569
Package : nss
Type    : signature forgery
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE-2014

Summary
=======

The package nss before version 3.17.3-1 is vulnerable to signature forgery.

Resolution
==========

Upgrade to 3.17.3-1.

# pacman -Syu "nss>=3.17.3-1"

The problem has been fixed upstream in version 3.17.3.

Workaround
==========

None.

Description
===========

The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) does not ensure that the DER encoding of an ASN.1 length is properly formed (DER requires the shortest possible length encoding), which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.

This update also adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV) in NSS, which can be used to prevent protocol downgrade attacks against applications that re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forced downgrade of the connection to SSL 3.0, mitigating CVE-2014-3566, also known as POODLE. SSL 3.0 support has also been disabled by default in the corresponding Firefox and Thunderbird updates, further mitigating POODLE.

Impact
======

A remote attacker is able to smuggle arbitrary data into an ASN.1 object in order to forge certificates that are considered trusted.

References
==========

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1569
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_rel...
https://hg.mozilla.org/projects/nss/rev/e9a7991380db
https://bugzilla.mozilla.org/show_bug.cgi?id=1064670
https://bugs.archlinux.org/task/42760
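The length check at the heart of the Description above, as an added example written for this page and modelled on the DER rules; it is not NSS code and does not reproduce the upstream patch. A `lax` mode mirrors the behaviour the advisory describes (any long-form length with enough bytes present is accepted, so a zero length can be padded to an arbitrary number of bytes), while the strict mode rejects every non-minimal encoding. The function names and the sample encodings (a padded NULL and a padded OCTET STRING) are constructed for the example; how an attacker turns the parsing difference into a forged signature is outside what the advisory states.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/*
 * Added example, not NSS code. Decode a DER definite-length field; buf points
 * at the first length byte (just after the tag). Returns the number of length
 * bytes consumed, 0 on rejection; *out receives the content length.
 *
 * lax=1 mimics the pre-3.17.3 behaviour the advisory describes: any long-form
 * encoding with enough bytes present is accepted, so a length of 0x00 can be
 * written as 0x85 00 00 00 00 00 and 0x84 00 00 00 02 still means "2 bytes".
 * lax=0 enforces DER: short form below 128, no indefinite form (0x80), no
 * leading zero length bytes, and no more length bytes than size_t can hold.
 */
static size_t der_decode_length(const uint8_t *buf, size_t avail,
                                size_t *out, int lax)
{
    size_t used = 0, n, i, len = 0;

    if (avail < 1) return 0;
    uint8_t first = buf[used++];

    if (!(first & 0x80)) {            /* short form: 0..127 in one byte */
        *out = first;
        return used;
    }

    n = first & 0x7f;                 /* count of following length bytes */
    if (n > avail - used) return 0;   /* length field itself is truncated */

    if (!lax) {
        if (n == 0) return 0;                 /* 0x80 = indefinite, not DER */
        if (n > sizeof(size_t)) return 0;     /* would silently overflow */
        if (buf[used] == 0) return 0;         /* leading zero = non-minimal */
    }

    for (i = 0; i < n; i++)           /* in lax mode high bytes shift out */
        len = (len << 8) | buf[used++];

    if (!lax && len < 0x80) return 0; /* long form used where short fits */

    *out = len;
    return used;
}

/* Decode one TLV header (tag + length). Returns header size, or 0 on error,
   including when the content would run past the end of the buffer. */
static size_t der_decode_header(const uint8_t *buf, size_t avail,
                                uint8_t *tag, size_t *content_len, int lax)
{
    if (avail < 1) return 0;
    *tag = buf[0];
    size_t lenlen = der_decode_length(buf + 1, avail - 1, content_len, lax);
    if (lenlen == 0) return 0;
    if (*content_len > avail - 1 - lenlen) return 0;
    return 1 + lenlen;
}

/* Small wrappers so each outcome is a single value: decoded length or -1. */
static long strict_length(const uint8_t *buf, size_t avail)
{
    size_t len;
    return der_decode_length(buf, avail, &len, 0) ? (long)len : -1;
}
static long lax_length(const uint8_t *buf, size_t avail)
{
    size_t len;
    return der_decode_length(buf, avail, &len, 1) ? (long)len : -1;
}
/* Header size of a whole element, or -1 if rejected. */
static long header_size(const uint8_t *buf, size_t avail, int lax)
{
    uint8_t tag; size_t clen;
    size_t h = der_decode_header(buf, avail, &tag, &clen, lax);
    return h ? (long)h : -1;
}

int main(void)
{
    /* Constructed inputs: a NULL whose zero length is padded to five bytes,
       and an OCTET STRING whose length 2 is padded to four bytes. */
    const uint8_t padded_null[]   = {0x05, 0x85, 0x00, 0x00, 0x00, 0x00, 0x00};
    const uint8_t padded_octets[] = {0x04, 0x84, 0x00, 0x00, 0x00, 0x02, 0xAA, 0xBB};
    printf("padded NULL:   lax header %ld, strict header %ld\n",
           header_size(padded_null, sizeof padded_null, 1),
           header_size(padded_null, sizeof padded_null, 0));
    printf("padded OCTETS: lax header %ld, strict header %ld\n",
           header_size(padded_octets, sizeof padded_octets, 1),
           header_size(padded_octets, sizeof padded_octets, 0));
    return 0;
}
```

The lax decoder and the strict decoder agree on every well-formed input and disagree only on the padded encodings, which is exactly the property a signature verifier must not have: two parsers that accept different byte strings for the same value give an attacker room to place bytes where one side does not look. The strict rules are cheap to check and are also what every DER encoder is required to produce, so rejecting them loses no legitimate input.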
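The TLS_FALLBACK_SCSV mechanism the Description mentions, as an added example of the server-side rule from RFC 7507 written for this page; it is not NSS code. The server scans ClientHello.cipher_suites for the value 0x5600 and, if it is present while the client offers a lower version than the server itself supports, aborts with the fatal inappropriate_fallback alert (code 86). The cipher-suite vectors, macro names and version constants used below are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not NSS code: the server-side TLS_FALLBACK_SCSV rule from
   RFC 7507. Wire versions: 0x0300 = SSL 3.0, 0x0301 = TLS 1.0, 0x0303 = TLS 1.2. */
#define TLS_FALLBACK_SCSV                 0x5600u
#define TLS_ALERT_INAPPROPRIATE_FALLBACK  86
#define VERSION_SSL30                     0x0300u
#define VERSION_TLS10                     0x0301u
#define VERSION_TLS12                     0x0303u

/* cs points at ClientHello.cipher_suites as sent on the wire: a 2-byte length
   followed by 2-byte suite identifiers. Returns 1 if the SCSV is listed,
   0 if not, -1 if the vector is malformed. */
static int client_hello_has_fallback_scsv(const uint8_t *cs, size_t avail)
{
    if (avail < 2) return -1;
    size_t n = ((size_t)cs[0] << 8) | cs[1];
    if ((n & 1) || n > avail - 2) return -1;
    for (size_t i = 0; i < n; i += 2) {
        unsigned suite = ((unsigned)cs[2 + i] << 8) | cs[3 + i];
        if (suite == TLS_FALLBACK_SCSV) return 1;
    }
    return 0;
}

/* Server decision on a ClientHello. Returns 0 to continue the handshake,
   TLS_ALERT_INAPPROPRIATE_FALLBACK (86) if a fatal alert must be sent, or
   -1 for a malformed cipher-suite vector. A client that retried at a lower
   version signals this by including the SCSV; the server refuses only when
   it would itself have accepted a higher version. */
static int fallback_scsv_decision(uint16_t client_version, uint16_t server_max,
                                  const uint8_t *cs, size_t avail)
{
    int has_scsv = client_hello_has_fallback_scsv(cs, avail);
    if (has_scsv < 0) return -1;
    if (has_scsv && client_version < server_max)
        return TLS_ALERT_INAPPROPRIATE_FALLBACK;
    return 0;
}

int main(void)
{
    /* Constructed cipher_suites vectors: two ordinary suites plus the SCSV,
       and the same two suites without it. */
    const uint8_t with_scsv[]    = {0x00, 0x06, 0xC0, 0x2F, 0x00, 0x2F, 0x56, 0x00};
    const uint8_t without_scsv[] = {0x00, 0x04, 0xC0, 0x2F, 0x00, 0x2F};

    /* Downgraded retry at SSL 3.0 carrying the SCSV: refused with alert 86. */
    printf("SSL3.0 + SCSV   -> %d\n",
           fallback_scsv_decision(VERSION_SSL30, VERSION_TLS12, with_scsv, sizeof with_scsv));
    /* The client's genuine best is TLS 1.2: the SCSV is harmless. */
    printf("TLS1.2 + SCSV   -> %d\n",
           fallback_scsv_decision(VERSION_TLS12, VERSION_TLS12, with_scsv, sizeof with_scsv));
    /* Legacy client at SSL 3.0 without the SCSV: indistinguishable from a forced
       downgrade, which is why disabling SSL 3.0 outright is the stronger fix. */
    printf("SSL3.0, no SCSV -> %d\n",
           fallback_scsv_decision(VERSION_SSL30, VERSION_TLS12, without_scsv, sizeof without_scsv));
    return 0;
}
```

The third case in `main` is the caveat a practitioner should keep in mind: the SCSV only helps when the client sends it on its fallback retries, so clients that never send it (and servers that ignore it) remain exposed, which is why the advisory also notes that SSL 3.0 was disabled by default in the browser updates.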
participants (1)
-
Levente Polyak