oss-sec mailing list archives
Re: CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures
From: Kai Engert <kaie () kuix de>
Date: Wed, 1 Dec 2021 18:37:27 +0100
https://bugs.chromium.org/p/project-zero/issues/detail?id=2237 states that "It's been 30 days since the initial thunderbird patches have been released". Is there a corresponding Thunderbird patch/advisory/release distros should be shipping as well?
Thunderbird 91.3.0 had shipped a workaround, that should protect against the most risky attack vector (executing the vulnerable code path when importing certificates contained in a received S/MIME message).
The workaround commits are here: https://hg.mozilla.org/releases/comm-esr91/rev/54507526da82 https://hg.mozilla.org/releases/comm-esr91/rev/bea1eb4e98a3 We intend to add a separate CVE to the corresponding tracking bug https://bugzilla.mozilla.org/show_bug.cgi?id=1738501 and also amend the release notes of the 91.3.0 release.In addition, to ensure that potential secondary attack vectors will be protected as well, it is recommended that Thunderbird uses NSS binaries that contain the NSS level patch. The Thunderbird team will ship NSS 3.68.1 in the upcoming 91.4.0 release.
Kai
Current thread:
- CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures Dennis Jackson (Dec 01)
- Re: CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures Alan Coopersmith (Dec 01)
- Message not available
- Message not available
- Re: CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures Kai Engert (Dec 01)
- Message not available
- Re: CVE-2021-43527: Heap overflow in NSS when verifying DSA/RSA-PSS DER-encoded signatures Alan Coopersmith (Dec 01)