Mozilla Network Security Service: Multiple vulnerabilities

Mozilla Network Security Service: Multiple vulnerabilities Multiple vulnerabilities have been found in Mozilla Network Security Service (NSS), the worst of which may lead to arbitrary code execution. nss 2020-03-16 2020-03-16 627534 676868 701840 local, remote 3.49 3.49

The Mozilla Network Security Service (NSS) is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates.

Multiple vulnerabilities have been discovered in Mozilla Network Security Service (NSS). Please review the CVE identifiers referenced below for details.

An attacker could execute arbitrary code, cause a Denial of Service condition or have other unspecified impact.

There is no known workaround at this time.

All Mozilla Network Security Service (NSS) users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.49"

CVE-2017-11695 CVE-2017-11696 CVE-2017-11697 CVE-2017-11698 CVE-2018-18508 CVE-2019-11745 whissi whissi