Source: libapache2-mod-nss Version: 1.0.11-1 Severity: important Tags: security upstream
Hi, the following vulnerability was published for libapache2-mod-nss, introduced with the update to 1.0.11. CVE-2015-3277[0]: incorrect multi-keyword mode cipherstring parsing The vulnerable code was added in 1.0.11[1] afaict. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-3277 [1] https://git.fedorahosted.org/cgit/mod_nss.git/commit/?id=2d1650900f4d47dc43400d826c0f7e1a7c5229b8 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1238324 Could you please double-check this? Regards, Salvatore
