On Mon, Nov 21, 2016 at 11:26:29PM +0100, Ola Lundqvist wrote: > On 21 November 2016 at 23:23, Mike Hommey <m...@glandium.org> wrote: > > > You probably want the security team here, they take care of NSS in > > jessie. > > > > On Mon, Nov 21, 2016 at 10:31:35PM +0100, Ola Lundqvist wrote: > > > Hello dear maintainer(s), > > > > > > The Debian LTS team would like to fix the security issues which are > > > currently open in the Wheezy version of nss: > > > https://security-tracker.debian.org/tracker/CVE-2016-8635
I think this one is fixed with th import of 2:3.25-1 in unstable, and thus contained in all suites already. The issue was fixed in 3.21.3, but for Debian the changes for "validating dh_Ys against the group prime" via ssl_IsValidDHEShare went into 2:3.25-1. Mike ist that correct? Regards, Salvatore