Errata overview
Errata ID 59
Date 2017-06-28
Source package nss
Fixed in version 2:3.26-1+debu8u2
This update addresses the following issues:
* Out-of-bounds write in Base64 encoding. This can trigger a crash (denial of
  service) and might be exploitable for code execution (CVE-2017-5461)
* A flaw in DRBG number generation where the internal state V does not
  correctly carry bits over (CVE-2017-5462)
* Null pointer dereference vulnerability in NSS since 3.24.0 was found when
  server receives empty SSLv2 messages resulting into denial of service by
  remote attacker (CVE-2017-7502)
Additional notes
CVE ID CVE-2017-5461
UCS Bug number #44777