Wan-Teh Chang wrote:
The NSS 3.12.3.1 release is now available. The CVS tag is NSS_3_12_3_1_RTM. You can download the source tarball from https://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_12_3_1_RTM/src/
As far as I can see, CERT_VerifyCertName() is still vulnerable to the embedded NUL hack that was recently published here http://www.wired.com/threatlevel/2009/07/kaminsky/ and on slashdot. Yet some comments in the discussion say that Firefox 3.5 is not vulnerable. Does anyone know on what basis those comments were made?
More to the point, CERT_GetCommonName() just returns a bare char *, instead of returning the string data+length, which makes it impossible for the default verifiers to detect this attack. I've had to copy the guts of CERT_GetLastNameElement() into our own code so that the length info isn't discarded.
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_m.c.diff?hideattic=1&r1=text&tr1=1.8&r2=text&tr2=1.11&f=h
NSS 3.12.3.1 requires NSPR 4.7.4 or later. NSS 3.12.3.1 fixes the following bugs in NSS 3.12.3: - bug 487567: OS/2 cannot sign softokn3.dll after upgrade to nss-3.12.3 - bug 489811: RNG_SystemInfoForRNG called twice by nsc_CommonInitialize - bug 494302: Stop building CAPI module in Firefox builds - bug 501605: very slow startup for Firefox 3.5 due to accessing IE Internet Temporary Files and Windows Temp folder NSS 3.12.3 also contains new root CA certificates. The root CA module (libnssckbi.so or nssckbi.dll) is version 1.75. Wan-Teh Chang
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
