Oval Definition:oval:com.ubuntu.xenial:def:2019117270000000
Revision Date:2019-07-23Version:1
Title:CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.
Description:A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-11727
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • firefox package in xenial was vulnerable but has been fixed (note: '68.0+build3-0ubuntu0.16.04.1').
  • OR thunderbird package in xenial is affected and needs fixing.
    • BACK