Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 27: FEDORA-2018-4a21a8ca59 Critical: NSS Security Update

fedora
Calendar Grey September 18, 2018
Dist Fedora Esm H88
Essential nss upgrade boosts protection in Fedora 27, resolving existing vulnerabilities and correcting defects. Discover further details!
Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39

Summary

Network Security Services (NSS) is a set of libraries designed to

support cross-platform development of security-enabled client and

server applications. Applications built with NSS can support SSL v2

and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509

v3 certificates, and other security standards.

Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39. For

details about new functionality and a list of bugs fixed in this release please

* Mon Sep 3 2018 Daiki Ueno - 3.39.0-1.0

- Update to NSS 3.39

- Use the upstream tarball as it is (rhbz#1578106)

* Tue Jul 3 2018 Daiki Ueno - 3.38.0-1.0

- Update to NSS 3.38

* Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.0

- Update to NSS 3.37.3

* Thu Apr 19 2018 Daiki Ueno - 3.36.1-1.0

- Update to NSS 3.36.1

* Fri Mar 9 2018 Daiki Ueno - 3.36.0-1.0

- Update to NSS 3.36.0

- Add gcc-c++ to BuildRequires (C++ is needed for gtests)

- Make test failure detection robuster

- Enable test on s390x again

* Mon Feb 12 2018 Daiki Ueno - 3.35.0-1.1

- Temporarily ignore test failures on F27 s390x

* Wed Feb 7 2018 Daiki Ueno - 3.35.0-1.0

- Update to NSS 3.35.0

* Tue Nov 14 2017 Daiki Ueno - 3.34.0-1.0

- Update to NSS 3.34.0

* Fri Nov 10 2017 Daiki Ueno - 3.33.0-1.1

- Make sure 32bit nss-pem always be installed with 32bit nss in

multlib environment, patch by Kamil Dudka

[ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1624704

[ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support

https://bugzilla.redhat.com/show_bug.cgi?id=1620207

[ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided

https://bugzilla.redhat.com/show_bug.cgi?id=1578106

su -c 'dnf upgrade --advisory FEDORA-2018-4a21a8ca59' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory network security security update critical Fedora software patch NSS

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 27
Version: 3.39.0
Release: 1.0.fc27
URL: https://firefox-source-docs.mozilla.org/security/nss/index.html
Summary: Network Security Services

Topics%20covered

Topics Covered

security advisory network security security update critical Fedora software patch NSS

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here