[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 384: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4756: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3891)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4758: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3891)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4759: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3891)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4760: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3891)
Ultimate Edition Forum • View topic - Logjam SSL Vulnerability in Ubuntu 14.04 LTS and older
Page 1 of 1

Logjam SSL Vulnerability in Ubuntu 14.04 LTS and older

PostPosted: Sat Jun 13, 2015 8:29 pm
by ryanvade
I have noticed that Ubuntu 14.04 LTS is vulnerable to the Logjam vulnerability. The main reason for this is the NSS library it is using (3.18). A fix has been releases for NSS 3.19. To test your web browser go to https://weakdh.org/
To find out what version of NSS you are using, open firefox and go to about:support and search for NSS.

Ubuntu 15.10 has the patched version of NSS. I have seen no indication that NSS 3.19.1 will be backported to 14.04 or 15.04. Manually upgrading causes dependency issues.

For more information:
https://developer.mozilla.org/en-US/doc ... ojects/NSS

Re: Logjam SSL Vulnerability in Ubuntu 14.04 LTS and older

PostPosted: Mon Sep 12, 2016 3:45 pm
by swarfendor437
Yet another item of news I have missed - thanks ryanvade for sharing this information and bringing it to the community attention. <BREW>