Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 28: 2018-09-14 Critical Update: NSS Network Security Services

fedora
Calendar Grey September 14, 2018
Dist Fedora Esm H88
This revision bolsters NSS protection, addressing issues and incorporating improvements. Discover further details on its significance for Fedora community members.
Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39

Summary

Network Security Services (NSS) is a set of libraries designed to

support cross-platform development of security-enabled client and

server applications. Applications built with NSS can support SSL v2

and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509

v3 certificates, and other security standards.

Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39. For

details about new functionality and a list of bugs fixed in this release please

* Mon Sep 3 2018 Daiki Ueno - 3.39.0-1.0

- Update to NSS 3.39

- Use the upstream tarball as it is (rhbz#1578106)

* Tue Jul 3 2018 Daiki Ueno - 3.38.0-1.0

- Update to NSS 3.38

* Wed Jun 6 2018 Daiki Ueno - 3.37.3-1.1

- Backport fix for handling DTLS application_data before handshake

* Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.0

- Update to NSS 3.37.3

* Mon Jun 4 2018 Daiki Ueno - 3.37.1-1.0

- Update to NSS 3.37.1

* Wed May 2 2018 Kai Engert - 3.36.1-1.1

- Upstream patch to keep nicknames stable on repeated certificate

import into SQL DB, mozbz#1458518

* Wed Apr 11 2018 Daiki Ueno - 3.36.1-1.0

- Update to NSS 3.36.1

- Remove nss-3.14.0.0-disble-ocsp-test.patch

- Fix partial injection of LDFLAGS

- Remove NSS_NO_PKCS11_BYPASS, which is no-op in upstream

[ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1624704

[ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support

https://bugzilla.redhat.com/show_bug.cgi?id=1620207

[ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided

https://bugzilla.redhat.com/show_bug.cgi?id=1578106

su -c 'dnf upgrade --advisory FEDORA-2018-1a7a5c54c2' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory network security Fedora critical update software enhancement bug fixes NSS package

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 28
Version: 3.39.0
Release: 1.0.fc28
URL: https://firefox-source-docs.mozilla.org/security/nss/index.html
Summary: Network Security Services

Topics%20covered

Topics Covered

security advisory network security Fedora critical update software enhancement bug fixes NSS package

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here