UBUNTU-CVE-2015-7575

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2015-7575

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-7575.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2015-7575

Related

Published

2015-12-31T00:00:00Z

Modified

2015-12-31T00:00:00Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.

References

Affected packages

Ubuntu:14.04:LTS / firefox

Package

Name: firefox
Purl: pkg:deb/ubuntu/firefox@43.0.4+build3-0ubuntu0.14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

43.0.4+build3-0ubuntu0.14.04.1

Affected versions

24.*

24.0+build1-0ubuntu1

25.*

25.0+build3-0ubuntu0.13.10.1

28.*

28.0~b2+build1-0ubuntu2

28.0+build1-0ubuntu1

28.0+build2-0ubuntu1

28.0+build2-0ubuntu2

29.*

29.0+build1-0ubuntu0.14.04.2

30.*

30.0+build1-0ubuntu0.14.04.3

31.*

31.0+build1-0ubuntu0.14.04.1

32.*

32.0+build1-0ubuntu0.14.04.1

32.0.3+build1-0ubuntu0.14.04.1

33.*

33.0+build2-0ubuntu0.14.04.1

34.*

34.0+build2-0ubuntu0.14.04.1

35.*

35.0+build3-0ubuntu0.14.04.2

35.0.1+build1-0ubuntu0.14.04.1

36.*

36.0+build2-0ubuntu0.14.04.4

36.0.1+build2-0ubuntu0.14.04.1

36.0.4+build1-0ubuntu0.14.04.1

37.*

37.0+build2-0ubuntu0.14.04.1

37.0.1+build1-0ubuntu0.14.04.1

37.0.2+build1-0ubuntu0.14.04.1

38.*

38.0+build3-0ubuntu0.14.04.1

39.*

39.0+build5-0ubuntu0.14.04.1

39.0.3+build2-0ubuntu0.14.04.1

40.*

40.0+build4-0ubuntu0.14.04.1

40.0+build4-0ubuntu0.14.04.4

40.0.3+build1-0ubuntu0.14.04.1

41.*

41.0+build3-0ubuntu0.14.04.1

41.0.1+build2-0ubuntu0.14.04.1

41.0.2+build2-0ubuntu0.14.04.1

42.*

42.0+build2-0ubuntu0.14.04.1

43.*

43.0+build1-0ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "firefox-locale-nl": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-kn": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-gl": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-sv": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-eo": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-fy": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-or": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-az": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-lt": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-hy": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-kk": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-km": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-uk": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-sr": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ca": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-is": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-dbg": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-testsuite": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ga": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-it": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ja": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-lg": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ms": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-dev": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-mozsymbols": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ko": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-hr": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-mai": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-nb": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-zh-hans": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-vi": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-he": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-sw": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-el": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-oc": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-xh": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-nn": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-zu": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ar": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-cs": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-hsb": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-csb": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ro": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-globalmenu": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-af": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-nso": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-sk": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-si": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-cy": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-dbgsym": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-fa": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-sq": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-en": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-tr": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-br": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-et": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ast": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-th": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-da": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-fi": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ku": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-mn": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ru": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-mk": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-bg": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-hu": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-gu": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-bn": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ml": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-an": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-be": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-eu": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-fr": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-pa": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-as": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-lv": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-mr": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-bs": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-te": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ta": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-ka": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-id": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-gd": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-hi": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-uz": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-pl": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-es": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-de": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-zh-hant": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-pt": "43.0.4+build3-0ubuntu0.14.04.1",
            "firefox-locale-sl": "43.0.4+build3-0ubuntu0.14.04.1"
        }
    ]
}

Ubuntu:14.04:LTS / gnutls26

Package

Name: gnutls26
Purl: pkg:deb/ubuntu/gnutls26@2.12.23-12ubuntu2.4?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12.23-12ubuntu2.4

Affected versions

2.*

2.12.23-1ubuntu4

2.12.23-1ubuntu5

2.12.23-12ubuntu1

2.12.23-12ubuntu2

2.12.23-12ubuntu2.1

2.12.23-12ubuntu2.2

2.12.23-12ubuntu2.3

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libgnutls-dev-dbgsym": "2.12.23-12ubuntu2.4",
            "libgnutls-openssl27-dbgsym": "2.12.23-12ubuntu2.4",
            "gnutls26-doc": "2.12.23-12ubuntu2.4",
            "libgnutls26": "2.12.23-12ubuntu2.4",
            "libgnutlsxx27": "2.12.23-12ubuntu2.4",
            "libgnutls26-dbg": "2.12.23-12ubuntu2.4",
            "libgnutlsxx27-dbgsym": "2.12.23-12ubuntu2.4",
            "gnutls-bin": "3.0.11+really2.12.23-12ubuntu2.4",
            "libgnutls26-dbgsym": "2.12.23-12ubuntu2.4",
            "gnutls-bin-dbgsym": "3.0.11+really2.12.23-12ubuntu2.4",
            "libgnutls-dev": "2.12.23-12ubuntu2.4",
            "libgnutls-openssl27": "2.12.23-12ubuntu2.4"
        }
    ]
}

Ubuntu:14.04:LTS / nss

Package

Name: nss
Purl: pkg:deb/ubuntu/nss@2:3.19.2.1-0ubuntu0.14.04.2?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.19.2.1-0ubuntu0.14.04.2

Affected versions

2:3.*

2:3.15.1-1ubuntu1

2:3.15.2-1

2:3.15.3-1

2:3.15.3.1-1

2:3.15.3.1-1.1

2:3.15.3.1-1.1ubuntu1

2:3.15.4-1ubuntu3

2:3.15.4-1ubuntu4

2:3.15.4-1ubuntu5

2:3.15.4-1ubuntu6

2:3.15.4-1ubuntu7

2:3.15.4-1ubuntu7.1

2:3.17-0ubuntu0.14.04.1

2:3.17.1-0ubuntu0.14.04.1

2:3.17.1-0ubuntu0.14.04.2

2:3.17.4-0ubuntu0.14.04.1

2:3.19.2-0ubuntu0.14.04.1

2:3.19.2.1-0ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libnss3-nssdb": "2:3.19.2.1-0ubuntu0.14.04.2",
            "libnss3-1d": "2:3.19.2.1-0ubuntu0.14.04.2",
            "libnss3-dbgsym": "2:3.19.2.1-0ubuntu0.14.04.2",
            "libnss3": "2:3.19.2.1-0ubuntu0.14.04.2",
            "libnss3-dev": "2:3.19.2.1-0ubuntu0.14.04.2",
            "libnss3-dbg": "2:3.19.2.1-0ubuntu0.14.04.2",
            "libnss3-tools": "2:3.19.2.1-0ubuntu0.14.04.2",
            "libnss3-tools-dbgsym": "2:3.19.2.1-0ubuntu0.14.04.2"
        }
    ]
}

Ubuntu:14.04:LTS / openjdk-6

Package

Name: openjdk-6
Purl: pkg:deb/ubuntu/openjdk-6@6b38-1.13.10-0ubuntu0.14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6b38-1.13.10-0ubuntu0.14.04.1

Affected versions

6b27-1.*

6b27-1.12.6-1ubuntu2

6b27-1.12.7-2ubuntu1

6b29-1.*

6b29-1.13.0-1ubuntu2

6b30-1.*

6b30-1.13.1-1ubuntu1

6b30-1.13.1-1ubuntu2

6b30-1.13.2-1ubuntu1

6b31-1.*

6b31-1.13.3-1ubuntu1

6b32-1.*

6b32-1.13.4-4ubuntu0.14.04.1

6b33-1.*

6b33-1.13.5-1ubuntu0.14.04

6b34-1.*

6b34-1.13.6-1ubuntu0.14.04.1

6b35-1.*

6b35-1.13.7-1ubuntu0.14.04.1

6b36-1.*

6b36-1.13.8-0ubuntu1~14.04

6b37-1.*

6b37-1.13.9-1ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "openjdk-6-dbg": "6b38-1.13.10-0ubuntu0.14.04.1",
            "icedtea-6-jre-jamvm": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-doc": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-jre": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-source": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-jre-headless": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-jre-zero": "6b38-1.13.10-0ubuntu0.14.04.1",
            "icedtea-6-jre-cacao": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-jre-lib": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-jdk": "6b38-1.13.10-0ubuntu0.14.04.1",
            "openjdk-6-demo": "6b38-1.13.10-0ubuntu0.14.04.1"
        }
    ]
}

Ubuntu:14.04:LTS / openjdk-7

Package

Name: openjdk-7
Purl: pkg:deb/ubuntu/openjdk-7@7u95-2.6.4-0ubuntu0.14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7u95-2.6.4-0ubuntu0.14.04.1

Affected versions

7u25-2.*

7u25-2.3.12-4ubuntu3

7u25-2.3.12-4ubuntu5

7u45-2.*

7u45-2.4.3-3ubuntu1

7u45-2.4.3-3ubuntu2

7u45-2.4.3-4ubuntu1

7u45-2.4.3-4ubuntu2

7u51-2.*

7u51-2.4.4-1ubuntu1

7u51-2.4.5-1ubuntu1

7u51-2.4.6~pre1-1ubuntu2

7u51-2.4.6-1ubuntu3

7u51-2.4.6-1ubuntu4

7u55-2.*

7u55-2.4.7-1ubuntu1

7u65-2.*

7u65-2.5.1-4ubuntu1~0.14.04.1

7u65-2.5.1-4ubuntu1~0.14.04.2

7u65-2.5.2-3~14.04

7u71-2.*

7u71-2.5.3-0ubuntu0.14.04.1

7u75-2.*

7u75-2.5.4-1~trusty1

7u79-2.*

7u79-2.5.5-0ubuntu0.14.04.2

7u79-2.5.6-0ubuntu1.14.04.1

7u85-2.*

7u85-2.6.1-5ubuntu0.14.04.1

7u91-2.*

7u91-2.6.3-0ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "openjdk-7-demo": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-source": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-jre": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-jdk": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-dbg": "7u95-2.6.4-0ubuntu0.14.04.1",
            "icedtea-7-jre-jamvm": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-jre-zero": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-doc": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-jre-headless": "7u95-2.6.4-0ubuntu0.14.04.1",
            "openjdk-7-jre-lib": "7u95-2.6.4-0ubuntu0.14.04.1"
        }
    ]
}

Ubuntu:14.04:LTS / openssl

Package

Name: openssl
Purl: pkg:deb/ubuntu/openssl@1.0.1f-1ubuntu2.16?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.1f-1ubuntu2.16

Affected versions

1.*

1.0.1e-3ubuntu1

1.0.1e-4ubuntu1

1.0.1e-4ubuntu2

1.0.1e-4ubuntu3

1.0.1e-4ubuntu4

1.0.1f-1ubuntu1

1.0.1f-1ubuntu2

1.0.1f-1ubuntu2.1

1.0.1f-1ubuntu2.2

1.0.1f-1ubuntu2.3

1.0.1f-1ubuntu2.4

1.0.1f-1ubuntu2.5

1.0.1f-1ubuntu2.7

1.0.1f-1ubuntu2.8

1.0.1f-1ubuntu2.11

1.0.1f-1ubuntu2.12

1.0.1f-1ubuntu2.15

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libssl1.0.0-udeb-dbgsym": "1.0.1f-1ubuntu2.16",
            "libssl-dev": "1.0.1f-1ubuntu2.16",
            "libssl1.0.0": "1.0.1f-1ubuntu2.16",
            "libssl-doc": "1.0.1f-1ubuntu2.16",
            "libcrypto1.0.0-udeb-dbgsym": "1.0.1f-1ubuntu2.16",
            "libssl1.0.0-dbg": "1.0.1f-1ubuntu2.16",
            "libssl-dev-dbgsym": "1.0.1f-1ubuntu2.16",
            "openssl": "1.0.1f-1ubuntu2.16",
            "openssl-dbgsym": "1.0.1f-1ubuntu2.16",
            "libssl1.0.0-udeb": "1.0.1f-1ubuntu2.16",
            "libssl1.0.0-dbgsym": "1.0.1f-1ubuntu2.16",
            "libcrypto1.0.0-udeb": "1.0.1f-1ubuntu2.16"
        }
    ]
}

Ubuntu:14.04:LTS / thunderbird

Package

Name: thunderbird
Purl: pkg:deb/ubuntu/thunderbird@1:38.6.0+build1-0ubuntu0.14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:38.6.0+build1-0ubuntu0.14.04.1

Affected versions

1:24.*

1:24.0+build1-0ubuntu1

1:24.0+build1-0ubuntu2

1:24.1.1+build1-0ubuntu0.13.10.1

1:24.1.1+build1-0ubuntu1

1:24.2.0+build1-0ubuntu1

1:24.4.0+build1-0ubuntu1

1:24.5.0+build1-0ubuntu0.14.04.1

1:24.6.0+build1-0ubuntu0.14.04.1

1:31.*

1:31.0+build1-0ubuntu0.14.04.1

1:31.1.1+build1-0ubuntu0.14.04.1

1:31.1.2+build1-0ubuntu0.14.04.1

1:31.2.0+build2-0ubuntu0.14.04.1

1:31.3.0+build1-0ubuntu0.14.04.1

1:31.4.0+build1-0ubuntu0.14.04.1

1:31.5.0+build1-0ubuntu0.14.04.1

1:31.6.0+build1-0ubuntu0.14.04.1

1:31.7.0+build1-0ubuntu0.14.04.1

1:31.8.0+build1-0ubuntu0.14.04.1

1:38.*

1:38.2.0+build1-0ubuntu0.14.04.1

1:38.3.0+build1-0ubuntu0.14.04.1

1:38.4.0+build3-0ubuntu0.14.04.1

1:38.5.1+build2-0ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "thunderbird-locale-cs": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-pt-pt": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ka": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-gnome-support": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-nl": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-mk": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-rm": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-sq": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-sv-se": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-hsb": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-dev-dbgsym": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-sl": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-hr": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-sk": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-globalmenu": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-eu": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-fy-nl": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ga": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-es-es": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-he": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-pt-br": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "xul-ext-gdata-provider": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-gd": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-mozsymbols": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-pl": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-nb": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-gnome-support-dbg": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-dev": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-sv": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-pt": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-be": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-en-gb": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-cy": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "xul-ext-lightning": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ga-ie": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-de": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-fr": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ko": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-nb-no": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "xul-ext-calendar-timezones": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-en-us": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-hy": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-tr": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ro": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-zh-hans": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-dbgsym": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-uk": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-gl": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-dbg": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-da": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ar": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-fy": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-testsuite": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ja": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ru": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-zh-cn": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-es-ar": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-zh-tw": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "xul-ext-lightning-dbgsym": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-es": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-si": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-br": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-bg": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-en": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-pa": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-fi": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-af": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-bn-bd": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-dsb": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-el": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ta-lk": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-bn": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ca": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-sr": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-hu": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-et": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-is": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-it": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-pa-in": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-nn": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-vi": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ast": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-ta": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-nn-no": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-lt": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-id": "1:38.6.0+build1-0ubuntu0.14.04.1",
            "thunderbird-locale-zh-hant": "1:38.6.0+build1-0ubuntu0.14.04.1"
        }
    ]
}

Ubuntu:16.04:LTS / gnutls28

Package

Name: gnutls28
Purl: pkg:deb/ubuntu/gnutls28@3.3.18-1ubuntu1?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.18-1ubuntu1

Affected versions

3.*

3.3.15-5ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libgnutls-openssl27-dbgsym": "3.3.18-1ubuntu1",
            "libgnutls-deb0-28-dbgsym": "3.3.18-1ubuntu1",
            "gnutls-doc": "3.3.18-1ubuntu1",
            "libgnutls28-dev": "3.3.18-1ubuntu1",
            "libgnutls28-dbg": "3.3.18-1ubuntu1",
            "libgnutls-dev": "3.3.18-1ubuntu1",
            "libgnutls-deb0-28": "3.3.18-1ubuntu1",
            "libgnutlsxx28-dbgsym": "3.3.18-1ubuntu1",
            "libgnutlsxx28": "3.3.18-1ubuntu1",
            "gnutls-bin": "3.3.18-1ubuntu1",
            "guile-gnutls": "3.3.18-1ubuntu1",
            "guile-gnutls-dbgsym": "3.3.18-1ubuntu1",
            "libgnutls-openssl27": "3.3.18-1ubuntu1",
            "gnutls-bin-dbgsym": "3.3.18-1ubuntu1"
        }
    ]
}

Ubuntu:16.04:LTS / mbedtls

Package

Name: mbedtls
Purl: pkg:deb/ubuntu/mbedtls@2.2.1-2?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.1-2

Affected versions

2.*

2.1.2-1

2.2.0-1

2.2.1-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libmbedtls-dev": "2.2.1-2",
            "libmbedtls10": "2.2.1-2",
            "libmbedtls-doc": "2.2.1-2",
            "libmbedx509-0": "2.2.1-2",
            "libmbedtls10-dbgsym": "2.2.1-2",
            "libmbedcrypto0-dbgsym": "2.2.1-2",
            "libmbedx509-0-dbgsym": "2.2.1-2",
            "libmbedcrypto0": "2.2.1-2"
        }
    ]
}

Ubuntu:16.04:LTS / nss

Package

Name: nss
Purl: pkg:deb/ubuntu/nss@2:3.21-1ubuntu2?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:3.21-1ubuntu2

Affected versions

2:3.*

2:3.19.2-1ubuntu1

2:3.19.2.1-0ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libnss3-nssdb": "2:3.21-1ubuntu2",
            "libnss3-1d": "2:3.21-1ubuntu2",
            "libnss3-dbgsym": "2:3.21-1ubuntu2",
            "libnss3": "2:3.21-1ubuntu2",
            "libnss3-dev": "2:3.21-1ubuntu2",
            "libnss3-dbg": "2:3.21-1ubuntu2",
            "libnss3-tools": "2:3.21-1ubuntu2",
            "libnss3-tools-dbgsym": "2:3.21-1ubuntu2"
        }
    ]
}

Ubuntu:16.04:LTS / openjdk-8

Package

Name: openjdk-8
Purl: pkg:deb/ubuntu/openjdk-8@8u72-b15-1?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8u72-b15-1

Affected versions

Other

8u66-b01-5

8u72-b05-1ubuntu1

8u72-b05-5

8u72-b05-6

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "openjdk-8-jre-jamvm": "8u72-b15-1",
            "openjdk-8-demo-dbgsym": "8u72-b15-1",
            "openjdk-8-dbg": "8u72-b15-1",
            "openjdk-8-doc": "8u72-b15-1",
            "openjdk-8-demo": "8u72-b15-1",
            "openjdk-8-jre-zero": "8u72-b15-1",
            "openjdk-8-jre-dbgsym": "8u72-b15-1",
            "openjdk-8-jre-headless": "8u72-b15-1",
            "openjdk-8-jre-jamvm-dbgsym": "8u72-b15-1",
            "openjdk-8-jdk": "8u72-b15-1",
            "openjdk-8-source": "8u72-b15-1",
            "openjdk-8-jre-headless-dbgsym": "8u72-b15-1",
            "openjdk-8-jdk-dbgsym": "8u72-b15-1",
            "openjdk-8-jre": "8u72-b15-1",
            "openjdk-8-jre-zero-dbgsym": "8u72-b15-1"
        }
    ]
}

Ubuntu:16.04:LTS / openssl

Package

Name: openssl
Purl: pkg:deb/ubuntu/openssl@1.0.2e-1ubuntu1?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.2e-1ubuntu1

Affected versions

1.*

1.0.2d-0ubuntu1

1.0.2d-0ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "libssl1.0.0-udeb-dbgsym": "1.0.2e-1ubuntu1",
            "libssl-dev": "1.0.2e-1ubuntu1",
            "libssl1.0.0": "1.0.2e-1ubuntu1",
            "libssl-doc": "1.0.2e-1ubuntu1",
            "libcrypto1.0.0-udeb-dbgsym": "1.0.2e-1ubuntu1",
            "libssl1.0.0-dbg": "1.0.2e-1ubuntu1",
            "libssl-dev-dbgsym": "1.0.2e-1ubuntu1",
            "openssl": "1.0.2e-1ubuntu1",
            "openssl-dbgsym": "1.0.2e-1ubuntu1",
            "libssl1.0.0-udeb": "1.0.2e-1ubuntu1",
            "libssl1.0.0-dbgsym": "1.0.2e-1ubuntu1",
            "libcrypto1.0.0-udeb": "1.0.2e-1ubuntu1"
        }
    ]
}

Ubuntu:16.04:LTS / thunderbird

Package

Name: thunderbird
Purl: pkg:deb/ubuntu/thunderbird@1:38.6.0+build1-0ubuntu1?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:38.6.0+build1-0ubuntu1

Affected versions

1:38.*

1:38.3.0+build1-0ubuntu2

1:38.5.1+build2-0ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "thunderbird-locale-cs": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-pt-pt": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ka": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-gnome-support": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-nl": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-mk": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-rm": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-sq": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-sv-se": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-hsb": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-dev-dbgsym": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-sl": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-hr": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-sk": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-globalmenu": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-eu": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-fy-nl": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ga": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-es-es": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-he": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-pt-br": "1:38.6.0+build1-0ubuntu1",
            "xul-ext-gdata-provider": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-gd": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-mozsymbols": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-pl": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-nb": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-gnome-support-dbg": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-dev": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-sv": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-pt": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-be": "1:38.6.0+build1-0ubuntu1",
            "thunderbird": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-en-gb": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-cy": "1:38.6.0+build1-0ubuntu1",
            "xul-ext-lightning": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ga-ie": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-de": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-fr": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ko": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-nb-no": "1:38.6.0+build1-0ubuntu1",
            "xul-ext-calendar-timezones": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-en-us": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-hy": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-tr": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ro": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-zh-hans": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-dbgsym": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-uk": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-gl": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-dbg": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-da": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ar": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-fy": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-testsuite": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ja": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ru": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-zh-cn": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-es-ar": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-zh-tw": "1:38.6.0+build1-0ubuntu1",
            "xul-ext-lightning-dbgsym": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-es": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-si": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-br": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-bg": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-en": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-pa": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-fi": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-af": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-bn-bd": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-dsb": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-el": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ta-lk": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-bn": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ca": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-sr": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-hu": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-et": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-is": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-it": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-pa-in": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-nn": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-vi": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ast": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-ta": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-nn-no": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-lt": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-id": "1:38.6.0+build1-0ubuntu1",
            "thunderbird-locale-zh-hant": "1:38.6.0+build1-0ubuntu1"
        }
    ]
}