Clay Ver Valen discovered an integer overflow in the AES-GCM implementation of the Mozilla Network Security Service libraries.
https://security-tracker.debian.org/tracker/DSA-6149-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-6149-1
Continue reading...

