Change logs for nss source package in Eoan

  • nss (2:3.45-1ubuntu1) eoan; urgency=low
    
      * Merge from Debian unstable.  Remaining changes:
        - d/libnss3.links: make freebl3 available as library (LP 1744328)
        - d/control: add dh-exec to Build-Depends
        - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec)
    
    nss (2:3.45-1) unstable; urgency=medium
    
      * New upstream release.
        - Fixes CVE-2019-11727 and CVE-2019-11719.
      * debian/libnss3.symbols: Add NSS_3_45 symbol version.
    
    nss (2:3.44+really3.42.1-2) unstable; urgency=medium
    
      * debian/rules: Fix version exposed in nss-config and nss.pc.
    
    nss (2:3.44.0-1) experimental; urgency=medium
    
      * debian/libnss3.symbols:
        - Update the version needed for
        SSL_Get{CipherSuite,Channel,PreliminaryChannel}Info.
        - Adjust versions so that 3.44+really3.42.1-1 is considered older where it
        matters.
    
    nss (2:3.44+really3.42.1-1) unstable; urgency=medium
    
      * Reverse to 3.42.1. Building against 3.44 induces some behavior
        differences when running against older versions, which could normally
        be solved with updates to the symbols file, but since 3.44 is not meant
        to ship in Buster, avoid disruption for nss reverse dependencies until
        Buster is released by going back to previous version.
    
    nss (2:3.44-1) unstable; urgency=medium
    
      * New upstream release.
      * debian/libnss3.symbols: Add NSS_3_43 and NSS_3_44 symbol versions.
    
    nss (2:3.42.1-1) unstable; urgency=medium
    
      * New upstream release.
        - Fixes CVE-2018-18508. Closes: #921614.
    
     -- Gianfranco Costamagna <email address hidden>  Thu, 11 Jul 2019 11:49:44 +0200
  • nss (2:3.42-1ubuntu2) disco; urgency=medium
    
      * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
        - debian/patches/CVE-2018-18508-1.patch: add null checks in
          nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
          nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
          nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
        - debian/patches/CVE-2018-18508-2.patch: add null checks in
          nss/lib/smime/cmsmessage.c.
        - CVE-2018-18508
    
     -- Marc Deslauriers <email address hidden>  Tue, 19 Feb 2019 12:04:49 +0100