Package Instance

Mozilla has updated the version of Network Security
Services (NSS) library used in Mozilla projects to NSS 3.15.3 with the
exception of ESR17-based releases, which have been updated to NSS 3.14.5. This
addresses several moderate to critical rated networking security issues.Google developer Andrew Tinits reported a potentially
exploitable buffer overflow that was fixed in both NSS 3.15.3 and NSS
3.14.5.

Mozilla community member Ambroz Bizjak reported an
out-of-bounds array read in the CERT_DecodeCertPackage function of
the Network Security Services (NSS) library when decoding a certificate. When
this occurs, it will lead to memory corruption and a non-exploitable crash.

Security researcher Matthew Green reported a Diffie–Hellman
(DHE) key processing issue in Network Security Services (NSS) where a
man-in-the-middle (MITM) attacker can force a server to downgrade TLS
connections to 512-bit export-grade cryptography by modifying client
requests to include only export-grade cipher suites. The resulting
weak key can then be leveraged to impersonate the server. This attack
is detailed in the "Imperfect Forward
Secrecy: How Diffie-Hellman Fails in Practice" paper and is known as the
"Logjam Attack."This issue was fixed in NSS version 3.19.1 by limiting the lower strength of
supported DHE keys to use 1023 bit primes.

Security researcher Karthikeyan Bhargavan reported an issue
in Network Security Services (NSS) where MD5 signatures in the server signature within the
TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has
officially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This
issues exposes NSS based clients such as Firefox to theoretical collision-based forgery
attacks. This issue was fixed in NSS version 3.20.2.

Mozilla community member Watson Ladd reported that the
implementation of Elliptical Curve Cryptography (ECC) multiplication for
Elliptic Curve Digital Signature Algorithm (ECDSA) signature validation in
Network Security Services (NSS) did not handle exceptional cases correctly. This
could potentially allow for signature forgery. This issue was fixed in NSS
version 3.19.1.

Security researcher Francis Gabriel of Quarkslab reported a heap-based
buffer overflow in the way the Network Security Services (NSS) libraries parsed certain
ASN.1 structures. An attacker could create a specially-crafted certificate which, when
parsed by NSS, would cause it to crash or execute arbitrary code with the permissions of
the user.
This issue has been addressed in the NSS releases shipping on affected Mozilla
products:

Mozilla developer Brian Smith and security researchers
Antoine Delignat-Lavaud and Karthikeyan
Bhargavan of the Prosecco research team at INRIA Paris reported issues
with ticket handling in the Network Security Services (NSS) libraries. These
have been addressed in the NSS 3.15.4 release, shipping on affected platforms.

Mozilla developers identified and fixed several memory safety bugs in the
browser engine used in Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain circumstances, and we
presume that with enough effort at least some of these could be exploited to run
arbitrary code.In general these flaws cannot be exploited through email in the
Thunderbird and Seamonkey products because scripting is disabled, but are
potentially a risk in browser or browser-like contexts.

Antoine Delignat-Lavaud, security researcher at Inria Paris
in team Prosecco, reported an issue in Network Security Services (NSS) libraries
affecting all versions. He discovered that NSS is vulnerable to a variant of a
signature forgery attack previously published by Daniel Bleichenbacher. This is
due to lenient parsing of ASN.1 values involved in a signature and could lead to
the forging of RSA certificates.The Advanced Threat Research team at Intel Security also independently
discovered and reported this issue.These have been addressed in the NSS releases shipping on affected Mozilla
products:

Mozilla engineers Tyson Smith and David Keeler
reported a use-after-poison and buffer overflow in the ASN.1 decoder in Network Security
Services (NSS). These issues were in octet string parsing and were found through fuzzing
and code inspection. If these issues were triggered, they would lead to a potentially
exploitable crash. These issues were fixed in NSS version 3.19.2.1 and 3.19.4, shipped in
Firefox and Firefox ESR, respectively, as well as NSS 3.20.1.Google security engineer Ryan Sleevi reported an integer overflow in
the Netscape Portable Runtime (NSPR) due to a lack of checks during memory allocation.
This leads to a potentially exploitable crash. This issue is fixed in NSPR 4.10.10. The NSPR library is a required component of NSS.