Ubuntu
nss package

Change logs for nss source package in Zesty

  1. Zesty (17.04)
  2. Change log 
  • nss (2:3.28.4-0ubuntu0.17.04.3) zesty-security; urgency=medium

  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

 -- Marc Deslauriers <email address hidden>  Fri, 29 Sep 2017 08:51:29 -0400
  • nss (2:3.28.4-0ubuntu0.17.04.2) zesty-security; urgency=medium

  * SECURITY UPDATE: DoS via empty SSLv2 messages
    - debian/patches/CVE-2017-7502.patch: reject broken v2 records in
      nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
      added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
      nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2017-7502

 -- Marc Deslauriers <email address hidden>  Fri, 16 Jun 2017 08:01:55 -0400
  • nss (2:3.28.4-0ubuntu0.17.04.1) zesty-security; urgency=medium

  * Updated to upstream 3.28.4 to fix security issues and get a new CA
    certificate bundle.
  * SECURITY UPDATE: DES and Triple DES ciphers birthday attack
    - CVE-2016-2183
  * SECURITY UPDATE: out-of-bounds write in Base64 decoding
    - CVE-2017-5461
  * debian/patches/*.patch: refreshed for new version.
  * debian/control: bump libnspr4-dev to 4.13.1.
  * debian/libnss3.symbols: added new symbols.

 -- Marc Deslauriers <email address hidden>  Wed, 26 Apr 2017 10:25:43 -0400
  • nss (2:3.26.2-1ubuntu1) zesty; urgency=medium

  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

nss (2:3.26.2-1) unstable; urgency=medium

  * New upstream release.

nss (2:3.26-2) unstable; urgency=medium

  * debian/libnss3.symbols: SSL_GetCipherSuiteInfo and SSL_GetChannelInfo need
    newer versions despite the symbol versions.

 -- Marc Deslauriers <email address hidden>  Fri, 02 Dec 2016 08:48:03 -0500
  • nss (2:3.26-1ubuntu1) yakkety; urgency=medium

  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

nss (2:3.26-1) unstable; urgency=medium

  * New upstream release.
  * debian/watch: Update such that uscan --download-version works.
  * debian/control, debian/libnss3-1d.*, debian/libnss3.symbols: Remove the
    libnss3-1d* transitional packages.
  * debian/rules:
    - Always set CCC to CXX. Thanks Helmut Grohne. Closes: #806292.
    - Override KERNEL when cross building for a different OS. Closes: #810579.
  * debian/control: Split Depends/Build-Depends/Conflicts. Thanks Guido Günther.
    Closes: #806634.

 -- Matthias Klose <email address hidden>  Tue, 06 Sep 2016 14:39:56 +0200