OVAL Reference oval:com.ubuntu.bionic:def:2019117270000000

Oval Definition:

oval:com.ubuntu.bionic:def:2019117270000000

Revision Date:	2019-07-23	Version:	1
Title:	CVE-2019-11727 on Ubuntu 18.04 LTS (bionic) - medium.
Description:	A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2019-11727
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND Package Information firefox package in bionic was vulnerable but has been fixed (note: '68.0+build3-0ubuntu0.18.04.1'). OR mozjs38 package in bionic is affected and may need fixing. OR mozjs52 package in bionic is affected and may need fixing. OR thunderbird package in bionic, is related to the CVE in some way and has been fixed (note: '1:68.4.1+build1-0ubuntu0.18.04.1').