LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2011-17400 (nss-softokn)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 16 Update: nss-softokn-3.13.1-14.fc16 


Date:
    	      Fri, 23 Dec 2011 03:31:27 +0000


Message-ID:
    	      <20111223033127.4857E22DBD@bastion01.phx2.fedoraproject.org>


Archive-link:
    	      Article, Thread
              


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-17400
2011-12-23 03:11:11.857642
--------------------------------------------------------------------------------

Name        : nss-softokn
Product     : Fedora 16
Version     : 3.13.1
Release     : 14.fc16
URL         : http://www.mozilla.org/projects/security/pki/nss/
Summary     : Network Security Services Softoken Module
Description :
Network Security Services Softoken Cryptographic Module

--------------------------------------------------------------------------------
Update Information:

The latest version of Firefox and Thunderbird have the following changes:

* Added Type Inference, significantly improving JavaScript performance
* Added support for querying Do Not Track status via JavaScript
* Added support for font-stretch
* Improved support for text-overflow
* Improved standards support for HTML5, MathML, and CSS
* Fixed several stability issues
* Fixed several security issues


Update nss to 3.13.1

You can find the new features and bug fixes in NSS 3.13 and 3.13.1 with these Bugzilla queries:

https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&...

and

https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&...

Notable changes include:

1. SSL 2.0 is disabled by default.

2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack
demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default.
Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.

3. SHA-224 is supported.

4. Added PORT_ErrorToString and PORT_ErrorToName to return the
error message and symbolic name of an NSS error code.

5. Added NSS_GetVersion to return the NSS version string.

6. Added experimental support of RSA-PSS to the softoken only
(contributed by Hanno Böck, http://rsapss.hboeck.de/).

--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 14 2011 Elio Maldonado <emaldona@redhat.com> - 3.13.1-14
- Ensure it builds even if the buildroot that hasn't yet been boostrapped with updated headers
- The build tree freebl headers are selected in preference to the system ones
* Tue Dec 13 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-13.1
- Restore the update to 3.13.1
- Update the patch for freebl to deal with prelinked shared libraries
- Add additional dbrg power-up self-tests as required by fips
- Reactivate the tests
* Tue Dec  6 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-13
- Bug 757005 Build nss-softokn for rhel 7
- Make it almost like nss-softokn-3.12.9 in rhel 6.2
- Added a patch to build with Linux 3 and higher
- Meant to work with nss and nss-utul 3.1.3.1
- Download only the 3.12.9 sources from the lookaside cache
* Fri Dec  2 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-12
- Retagging
* Wed Nov 23 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-11
- Downgrading to 3.12.9 for a merge into new RHEL git repo
- This build is for the buildroot for a limited time only
- Do not not push it to update-testing
* Tue Nov  8 2011 Elio Maldonado <emaldona@redhat.com> - 3.13.1-1
- Update to NSS_3_13_1_RTM
* Wed Oct 12 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-6
- Fix failure to switch nss-softokn to FIPS mode (#745571)
* Tue Oct 11 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-0.1.rc0.3
- Update to NSS_3_13_RC0 post bootstrapping
- Don't incude util in sources for the lookaside cache
- Reenable building the fipstest tool
- Restore full cli argument parsing in the sectool library
* Sun Oct  9 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-0.1.rc0.2
- Update to NSS_3_13_RC0 bootstrapping the system phase 2
- Reenable the cipher test suite
* Sat Oct  8 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-0.rc0.1
- Update to NSS_3_13_RC0
* Thu Sep  8 2011 Ville Skyttä <ville.skytta@iki.fi> - 3.12.11-3
- Avoid %post/un shell invocations and dependencies.
* Wed Aug 17 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-5
- rebuilt as recommended to deal with an rpm 4.9.1 issue
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update nss-softokn' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds