Errata overview
Errata ID 301
Date 2015-09-02
Source package nss
Fixed in version 2:3.14.5-1.29.201508290003
Multiple security vulnerabilities have been fixed in the Network
Security Service library (nss):
* NSS incorrectly permits skipping of ServerKeyExchange (CVE-2015-2721)
* ECDSA signature validation fails to handle some signatures correctly
* ASN.1 DER decoding of lengths is too permissive (CVE-2014-1569)
Additional notes
CVE ID CVE-2015-2721
UCS Bug number #37045