CVE-2013-0743

Publication date 7 January 2013

Last updated 24 July 2024

Ubuntu priority

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA at the suggestion of the CVE project team. The candidate had been associated with a correct report of a security problem, but not a problem that is categorized as a vulnerability within CVE. Compromised or unauthorized SSL certificates are not within CVE's scope. Notes: none.

Read the notes from the security team

Status

Show unmaintained releases

Notes

jdstrand

this requires updating nss and nspr on stable releases or backporting the fixes that allow blacklisting arbitrary certificates Debian fix is incomplete (see Debian bug)

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
nss	Vendor: http://www.debian.org/security/2013/dsa-2599 Other: http://hg.mozilla.org/releases/mozilla-release/rev/b0e010f68b06

References

Related Ubuntu Security Notices (USN)

USN-1681-2
Thunderbird vulnerabilities
9 January 2013

USN-1681-1
Firefox vulnerabilities
9 January 2013

USN-1687-1
NSS vulnerability
14 January 2013