FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

NSS -- MD5 downgrade in TLS 1.2 signatures

Affected packages
3.20 <= linux-c6-nss < 3.20.2
linux-c6-nss < 3.19.2.2
3.20 <= nss < 3.20.2
nss < 3.19.2.2
linux-firefox < 43.0.2,1
linux-thunderbird < 38.5.1
linux-seamonkey < 2.40

Details

VuXML ID 10f7bc76-0335-4a88-b391-0b05b3a8ce1c
Discovery 2015-12-22
Entry 2015-12-28

The Mozilla Project reports:

Security researcher Karthikeyan Bhargavan reported an issue in Network Security Services (NSS) where MD5 signatures in the server signature within the TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has officially disallowed the accepting MD5 as a hash algorithm in signatures since 2011. This issues exposes NSS based clients such as Firefox to theoretical collision-based forgery attacks.

References

CVE Name CVE-2015-7575
URL https://hg.mozilla.org/projects/nss/rev/94e1157f3fbb
URL https://www.mozilla.org/security/advisories/mfsa2015-150/