ELA-197-1 nss security update

Fix NULL deref leading to DoS

2019-11-29
Packagenss
Version3.26-1+debu7u10
Related CVE CVE-2019-17007

Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may have crashed with a NULL deref leading to a Denial-of-Service.

For Debian 7 Wheezy, these problems have been fixed in version 3.26-1+debu7u10.

We recommend that you upgrade your nss packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/