Security News

Cybersecurity news aggregator

🔄
MEDIUM Updates Debian Security

DSA-6149-1 nss - security update

cve-2026-2781mozillanss
  • What: Security update for Mozilla NSS libraries
  • Impact: Fixes integer overflow in AES-GCM implementation
Read Full Article →

[SECURITY] [DSA 6149-1] nss security update To : debian-security-announce@lists.debian.org Subject : [SECURITY] [DSA 6149-1] nss security update From : Moritz Muehlenhoff < jmm@debian.org > Date : Thu, 26 Feb 2026 19:46:28 +0000 Message-id : < [🔎] aaCjFFv9naFQW56g@seger.debian.org > Reply-to : debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6149-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 26, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nss CVE ID : CVE-2026-2781 Clay Ver Valen discovered an integer overflow in the AES-GCM implementation of the Mozilla Network Security Service libraries. For the oldstable distribution (bookworm), this problem has been fixed in version 2:3.87.1-1+deb12u2. For the stable distribution (trixie), this problem has been fixed in version 2:3.110-1+deb13u1. We recommend that you upgrade your nss packages. For the detailed security status of nss please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nss Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmmgojEACgkQEMKTtsN8 TjZxRxAAgXiWw4hD/GtD9etP4JzWzH7PmklxQvGMFF2cZXJtgN5ofCzt7jUeYhkj 85W6d8sHnmizjcifEnjpMdSDXqb46hPR8A1WKfDFeULRftDg8aA23fSqWvegOVvo h2W4jcBAt4zBasUoFpmh3Nb4gJ7rOsYB1PzqCGCT51duKNU3f/DP//AqC+S7gPfK 15ScmICxO0Gt0peHyZnAuGjlSjjT5EgElp5JXVNlR5eiPbZUBGwKkWrD7ReRSK0Y n9dkLURywuqV4R5HkM6q7Lf54t4wpGfn8MM8JQl6J53SsiWWEM8BlAH/ygTz/ZuH o7X4llQHzderjP/jv6habhx06iRCkLloWzPi+LV8QLky8KT+LGrg9cI7V/tmeY38 K1anEXYRorJV+0OMr268LXENwrQm1rlx+YwUxAOzXjKT0093LIP9pPUgoB9hpVE8 couekLPzUkG40q8LmopH8ckPB7grIgPYlUf/0oXaFDpDAcfLz0rgxqFgXZYdqMs7 Akm/dkYXCkBtpBXfYZO9TC7CM/YjkmpUoaFPn5p9XZ7KhXGa/5xvnN+Q/d+1tAlU 2+Qj3nbVAtWpR5KPVkuv23gPlsSusE+7jRdja/BX/cmAo2itr/7EAb8gE3sm923d FWX12i7PyTfdUblfJozjLpBlpTdLsCrdGTSMsQVqv8hUsdNicTQ= =sFCb -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Moritz Muehlenhoff (on-list) Moritz Muehlenhoff (off-list) Prev by Date: [SECURITY] [DSA 6148-1] firefox-esr security update Next by Date: [SECURITY] [DSA 6150-1] python-django security update Previous by thread: [SECURITY] [DSA 6148-1] firefox-esr security update Next by thread: [SECURITY] [DSA 6150-1] python-django security update Index(es): Date Thread

Related Articles

HIGH USN-8071-1: NSS vulnerability Ubuntu Security HIGH USN-8071-2: NSS vulnerability Ubuntu Security HIGH Multiples vulnérabilités dans les produits Mozilla (22 avril 2026) CERT-FR (ANSSI)
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn