A nss security update has been released for Debian GNU/Linux 8 Extended LTS.

ELA-802-1 nss security update

Package : nss
Version : 2:3.26-1+debu8u17 (jessie), 2:3.26.2-1.1+deb9u6 (stretch)

Related CVEs :
CVE-2023-0767

Christian Holler discovered that incorrect handling of PKCS 12 Safe Bag
attributes in nss, the Mozilla Network Security Service library, may result in
execution of arbitrary code if a specially crafted PKCS 12 certificate bundle
is processed.

  ELA-802-1 nss security update