What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-1a7a5c54c2
2018-09-14 23:11:42.963781
--------------------------------------------------------------------------------Name        : nss
Product     : Fedora 28
Version     : 3.39.0
Release     : 1.0.fc28
URL         : https://www.mozilla.org/projects/security/pki/nss/
Summary     : Network Security Services
Description :
Network Security Services (NSS) is a set of libraries designed to
support cross-platform development of security-enabled client and
server applications. Applications built with NSS can support SSL v2
and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509
v3 certificates, and other security standards.

--------------------------------------------------------------------------------Update Information:

Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39.  For
details about new functionality and a list of bugs fixed in this release please
see the upstream release notes  --------------------------------------------------------------------------------ChangeLog:

* Mon Sep  3 2018 Daiki Ueno  - 3.39.0-1.0
- Update to NSS 3.39
- Use the upstream tarball as it is (rhbz#1578106)
* Tue Jul  3 2018 Daiki Ueno  - 3.38.0-1.0
- Update to NSS 3.38
* Wed Jun  6 2018 Daiki Ueno  - 3.37.3-1.1
- Backport fix for handling DTLS application_data before handshake
* Tue Jun  5 2018 Daiki Ueno  - 3.37.3-1.0
- Update to NSS 3.37.3
* Mon Jun  4 2018 Daiki Ueno  - 3.37.1-1.0
- Update to NSS 3.37.1
* Wed May  2 2018 Kai Engert  - 3.36.1-1.1
- Upstream patch to keep nicknames stable on repeated certificate
  import into SQL DB, mozbz#1458518
* Wed Apr 11 2018 Daiki Ueno  - 3.36.1-1.0
- Update to NSS 3.36.1
- Remove nss-3.14.0.0-disble-ocsp-test.patch
- Fix partial injection of LDFLAGS
- Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1624704
  [ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support
        https://bugzilla.redhat.com/show_bug.cgi?id=1620207
  [ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided
        https://bugzilla.redhat.com/show_bug.cgi?id=1578106
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-1a7a5c54c2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Fedora 28: nss Security Update

September 14, 2018
Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39

Summary

Network Security Services (NSS) is a set of libraries designed to

support cross-platform development of security-enabled client and

server applications. Applications built with NSS can support SSL v2

and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509

v3 certificates, and other security standards.

Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39. For

details about new functionality and a list of bugs fixed in this release please

* Mon Sep 3 2018 Daiki Ueno - 3.39.0-1.0

- Update to NSS 3.39

- Use the upstream tarball as it is (rhbz#1578106)

* Tue Jul 3 2018 Daiki Ueno - 3.38.0-1.0

- Update to NSS 3.38

* Wed Jun 6 2018 Daiki Ueno - 3.37.3-1.1

- Backport fix for handling DTLS application_data before handshake

* Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.0

- Update to NSS 3.37.3

* Mon Jun 4 2018 Daiki Ueno - 3.37.1-1.0

- Update to NSS 3.37.1

* Wed May 2 2018 Kai Engert - 3.36.1-1.1

- Upstream patch to keep nicknames stable on repeated certificate

import into SQL DB, mozbz#1458518

* Wed Apr 11 2018 Daiki Ueno - 3.36.1-1.0

- Update to NSS 3.36.1

- Remove nss-3.14.0.0-disble-ocsp-test.patch

- Fix partial injection of LDFLAGS

- Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream

[ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1624704

[ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support

https://bugzilla.redhat.com/show_bug.cgi?id=1620207

[ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided

https://bugzilla.redhat.com/show_bug.cgi?id=1578106

su -c 'dnf upgrade --advisory FEDORA-2018-1a7a5c54c2' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

FEDORA-2018-1a7a5c54c2 2018-09-14 23:11:42.963781 Product : Fedora 28 Version : 3.39.0 Release : 1.0.fc28 URL : https://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39. For details about new functionality and a list of bugs fixed in this release please * Mon Sep 3 2018 Daiki Ueno - 3.39.0-1.0 - Update to NSS 3.39 - Use the upstream tarball as it is (rhbz#1578106) * Tue Jul 3 2018 Daiki Ueno - 3.38.0-1.0 - Update to NSS 3.38 * Wed Jun 6 2018 Daiki Ueno - 3.37.3-1.1 - Backport fix for handling DTLS application_data before handshake * Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.0 - Update to NSS 3.37.3 * Mon Jun 4 2018 Daiki Ueno - 3.37.1-1.0 - Update to NSS 3.37.1 * Wed May 2 2018 Kai Engert - 3.36.1-1.1 - Upstream patch to keep nicknames stable on repeated certificate import into SQL DB, mozbz#1458518 * Wed Apr 11 2018 Daiki Ueno - 3.36.1-1.0 - Update to NSS 3.36.1 - Remove nss-3.14.0.0-disble-ocsp-test.patch - Fix partial injection of LDFLAGS - Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream [ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1624704 [ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support https://bugzilla.redhat.com/show_bug.cgi?id=1620207 [ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided https://bugzilla.redhat.com/show_bug.cgi?id=1578106 su -c 'dnf upgrade --advisory FEDORA-2018-1a7a5c54c2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 28
Version : 3.39.0
Release : 1.0.fc28
URL : https://www.mozilla.org/projects/security/pki/nss/
Summary : Network Security Services

Related News

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

Nov 21, 2023

Linux 6.7 Introduces "make hardening.config" To Help Build A Hardened Kernel

Nov 5, 2023

Linux Malware! Read This If You Use Free Download Manager

Sep 13, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo