Back to bug 1383883

Who When What Removed Added
Huzaifa S. Sidhpurwala 2016-10-12 03:55:44 UTC CC security-response-team
Huzaifa S. Sidhpurwala 2016-10-12 03:57:32 UTC Depends On 1383884
Huzaifa S. Sidhpurwala 2016-10-12 03:57:44 UTC Depends On 1383885
Huzaifa S. Sidhpurwala 2016-10-12 03:57:53 UTC Depends On 1383886
Huzaifa S. Sidhpurwala 2016-10-12 03:58:05 UTC Depends On 1383887
Huzaifa S. Sidhpurwala 2016-10-12 03:58:13 UTC Depends On 1383888
Hubert Kario 2016-10-31 14:48:32 UTC Blocks 1374803
Hubert Kario 2016-10-31 16:15:24 UTC CC hkario, kengert
Hubert Kario 2016-10-31 16:53:56 UTC Link ID Mozilla Foundation 1306103
Stanislav Zidek 2016-11-03 08:17:28 UTC CC szidek
Huzaifa S. Sidhpurwala 2016-11-14 03:40:41 UTC Doc Text A flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash any server process compiled with NSS.
Huzaifa S. Sidhpurwala 2016-11-14 04:03:06 UTC Doc Text A flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash any server process compiled with NSS. A null pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash any server process compiled with NSS.
Huzaifa S. Sidhpurwala 2016-11-14 07:26:34 UTC Blocks 1380228
CC jechoi
Tomas Hoger 2016-11-14 21:30:31 UTC Doc Text A null pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash any server process compiled with NSS. A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS.
Huzaifa S. Sidhpurwala 2016-11-16 03:22:03 UTC Group security, qe_staff
Summary EMBARGOED CVE-2016-5285 nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash CVE-2016-5285 nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash
Whiteboard impact=moderate,public=no,reported=20161012,source=mozilla,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected impact=moderate,public=20161116,reported=20161012,source=mozilla,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected
Huzaifa S. Sidhpurwala 2016-11-16 06:15:22 UTC Whiteboard impact=moderate,public=20161116,reported=20161012,source=mozilla,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected impact=moderate,public=20161116,reported=20161012,source=mozilla,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected
Huzaifa S. Sidhpurwala 2016-11-16 06:15:48 UTC Depends On 1395535
Huzaifa S. Sidhpurwala 2016-11-16 06:16:37 UTC Status NEW CLOSED
Resolution --- ERRATA
Last Closed 2016-11-16 01:16:37 UTC
Slawomir Czarko 2016-11-16 09:13:02 UTC CC slawomir
Hubert Kario 2016-11-30 15:56:22 UTC Blocks 1377248
CC jeffa.lans
Yasuhiro Ozone 2016-12-07 02:13:09 UTC CC yozone
Adam Mariš 2017-03-07 14:22:57 UTC Depends On 1429932, 1429933
Product Security DevOps Team 2019-09-29 13:57:57 UTC Whiteboard impact=moderate,public=20161116,reported=20161012,source=mozilla,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected

Back to bug 1383883