-
nss (2:3.82-1ubuntu0.1) kinetic-security; urgency=medium
* SECURITY UPDATE: DoS when no client cert in database
- debian/patches/CVE-2022-3479.patch: properly handle NULL lists in
nss/lib/ssl/authcert.c.
- CVE-2022-3479
* SECURITY UPDATE: Arbitrary memory write via PKCS 12 in NSS
- debian/patches/CVE-2023-0767.patch: improve handling of unknown
PKCS#12 safe bag types in nss/lib/pkcs12/p12d.c,
nss/lib/pkcs12/p12t.h, nss/lib/pkcs12/p12tmpl.c.
- CVE-2023-0767
-- Marc Deslauriers <email address hidden> Fri, 17 Feb 2023 09:44:44 -0500
-
nss (2:3.82-1) unstable; urgency=medium
* New upstream release.
* debian/libnss3.symbols: Add NSSUTIL_3.82 symbol version.
-- Mike Hommey <email address hidden> Wed, 24 Aug 2022 07:00:08 +0900
-
nss (2:3.81-2) unstable; urgency=medium
* debian/rules: Disable -Werror on less mainline architectures.
-- Mike Hommey <email address hidden> Sun, 14 Aug 2022 05:45:08 +0900
-
nss (2:3.81-1) unstable; urgency=medium
* New upstream release.
* debian/libnss3.symbols: Add NSS_3.80 symbol version.
-- Mike Hommey <email address hidden> Wed, 27 Jul 2022 10:19:59 +0900
-
nss (2:3.79-1) unstable; urgency=medium
* New upstream release.
* debian/libnss3.symbols: Add NSS_3.79 symbol version.
* debian/control: Bump nspr build dependency.
-- Mike Hommey <email address hidden> Wed, 01 Jun 2022 06:30:56 +0900
-
nss (2:3.77-1) unstable; urgency=medium
* New upstream release.
* debian/libnss3.symbols: Add NSS_3.77 symbol version.
-- Mike Hommey <email address hidden> Wed, 06 Apr 2022 09:18:22 +0900
-
nss (2:3.68.2-0ubuntu1) jammy; urgency=medium
* New upstream release. (LP: #1959126)
* d/p/CVE-2021-43527.patch: drop patch applied upstream.
[ Fixed in 3.68.1 ]
-- Athos Ribeiro <email address hidden> Mon, 21 Feb 2022 14:55:42 -0300
