-
nss (2:3.19.2.1-0ubuntu0.15.04.2) vivid-security; urgency=medium
* SECURITY UPDATE: incorrect MD5 support with TLS 1.2
- debian/patches/CVE-2015-7575.patch: remove MD5 in
nss/lib/ssl/ssl3con.c.
- CVE-2015-7575
-- Marc Deslauriers <email address hidden> Thu, 07 Jan 2016 13:23:09 -0500
-
nss (2:3.19.2.1-0ubuntu0.15.04.1) vivid-security; urgency=medium
* Updated to upstream 3.19.2.1 to fix two security issues.
* SECURITY UPDATE: use-after-poison in sec_asn1d_parse_leaf
- CVE-2015-7181
* SECURITY UPDATE: ASN.1 decoder heap overflow
- CVE-2015-7182
-- Marc Deslauriers <email address hidden> Wed, 04 Nov 2015 10:40:18 -0600
-
nss (2:3.19.2-0ubuntu15.04.1) vivid-security; urgency=medium
* SECURITY UPDATE: update to upstream 3.19.2 to fix multiple security
issues and get a new CA certificate bundle.
- CVE-2015-2721
- CVE-2015-2730
* debian/libnss3.symbols: updated for new version.
* debian/patches/relax_dh_size.patch: relax minimum DH size to 768 bits
for compatibility reasons. This patch will get reverted in the future
once servers have upgraded to longer DH sizes.
-- Marc Deslauriers <email address hidden> Wed, 08 Jul 2015 11:27:56 -0400
-
nss (2:3.17.4-0ubuntu1) vivid; urgency=medium
* SECURITY UPDATE: update to upstream 3.17.4 to get new CA certificate
bundle, and to fix incorrect SHA-1 behaviour. (LP: #1423031)
* Removed unneeded patches:
- debian/patches/98_CVE-2014-1569.patch: included upstream.
-- Marc Deslauriers <email address hidden> Thu, 19 Feb 2015 07:32:50 -0500
-
nss (2:3.17.2-1.1ubuntu1) vivid; urgency=low
* Merge from Debian unstable. (LP: #1407826) Remaining changes:
- debian/rules:
+ Add x32 support.
+ Also ship blapi.h and alghmac.h in libnss3-dev.
- debian/control, debian/libnss3-nssdb.*, debian/libnss3.symbols,
debian/pkcs11.txt, debian/rules:
+ Add back support for shared cert and key databases.
nss (2:3.17.2-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix CVE-2014-1569. Closes: #773625.
-- Artur Rona <email address hidden> Tue, 06 Jan 2015 00:15:08 +0100
-
nss (2:3.17.2-1ubuntu1) vivid; urgency=low
* Merge from Debian unstable. (LP: #1400181) Remaining changes:
- debian/rules:
+ Add x32 support.
+ Also ship blapi.h and alghmac.h in libnss3-dev.
- debian/control, debian/libnss3-nssdb.*, debian/libnss3.symbols,
debian/pkcs11.txt, debian/rules:
+ Add back support for shared cert and key databases.
nss (2:3.17.2-1) unstable; urgency=medium
* New upstream release.
nss (2:3.17.1-1) unstable; urgency=high
* New upstream release.
- Fixes CVE-2014-1568.
- Add support for ppc64el, with a non-broken patch. Closes: #745757.
* debian/libnss3.symbols: Add NSSUTIL_3.17.1 symbol versions.
-- Artur Rona <email address hidden> Mon, 08 Dec 2014 00:26:25 +0100
-
nss (2:3.17.1-0ubuntu1) utopic; urgency=medium
* SECURITY UPDATE: update to 3.17.1
- see USN-2361-1
* debian/libnss3.symbols: updated for new version.
* debian/patches/38_ppc64le.patch: removed, upstream.
-- Marc Deslauriers <email address hidden> Wed, 24 Sep 2014 15:35:00 -0400
