Debian Linux Security Advisory 2490-1 - Kaspar Brand discovered that Mozilla's Network Security Services (NSS) library did insufficient length checking in the QuickDER decoder, allowing to crash a program using the library.
c9f66a3f51a21e634e419e7db6a0a2aa2ced54fb88a94a11eb383ddb99dc88ba