Multiple vulnerabilities have been found in Mozilla Network Security Service (NSS), the worst of which may lead to arbitrary code execution.
|Package||dev-libs/nss on all architectures|
|Affected versions||< 3.49|
|Unaffected versions||>= 3.49|
The Mozilla Network Security Service (NSS) is a library implementing security features like SSL v.2/v.3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME and X.509 certificates.
Multiple vulnerabilities have been discovered in Mozilla Network Security Service (NSS). Please review the CVE identifiers referenced below for details.
An attacker could execute arbitrary code, cause a Denial of Service condition or have other unspecified impact.
There is no known workaround at this time.
All Mozilla Network Security Service (NSS) users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/nss-3.49"