| Package | nss |
|---|---|
| Version | 2:3.26-1+debu8u17 (jessie), 2:3.26.2-1.1+deb9u6 (stretch) |
| Related CVEs | CVE-2023-0767 |
Christian Holler discovered that incorrect handling of PKCS 12 Safe Bag attributes in nss, the Mozilla Network Security Service library, may result in execution of arbitrary code if a specially crafted PKCS 12 certificate bundle is processed.
For Debian 8 jessie, these problems have been fixed in version 2:3.26-1+debu8u17.
For Debian 9 stretch, these problems have been fixed in version 2:3.26.2-1.1+deb9u6.
We recommend that you upgrade your nss packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.