-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-3905 2010-03-09 02:57:23 --------------------------------------------------------------------------------
Name : nss Product : Fedora 11 Version : 3.12.6 Release : 1.2.fc11 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. -------------------------------------------------------------------------------- Update Information: Update to NSS 3.12.6 The primary feature of NSS 3.12.6 is support for the TLS Renegotiation Indication Extension, RFC 5746. -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 6 2010 Elio Maldonado <[email protected]> - 3.12.6-1.2 - Rebuilt with all tests enabled * Sat Mar 6 2010 Elio Maldonado <[email protected]> - 3.12.6-1.1 - Update to 3.12.6 - Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Patch some tools to validate command line options arguments * Tue Jan 12 2010 Elio Maldonado <[email protected]> - 3.12.5-3.1 - Update to latest pem module sources - Get the blank databases from the lookaside cache * Thu Jan 7 2010 Elio Maldonado <[email protected]> - 3.12.5-3 - Temporarily disabling ssl tests until bug 539183 gets resolved * Thu Jan 7 2010 Elio Maldonado <[email protected]> - 3.12.5-2 - rebuilt with properly formatted release number * Sun Dec 6 2009 Elio Maldonado<[email protected]> - 3.12.5-1 - Update to 3.12.5 * Thu Sep 17 2009 Elio Maldonado<[email protected]> - 3.12.4-3 - Add nssdbm3.so to nss-prelink.conf, rhbz#524075 * Tue Sep 15 2009 Elio Maldonado<[email protected]> - 3.12.4-2 - Fix inability to toggle fips mode when using legacy db - 483855 * Mon Sep 7 2009 Elio Maldonado<[email protected]> - 3.12.4-1 - Update to 3.12.4 - Update the nss pem enabling source archive to roll in bug fixes - pem module implements memory management for internal objects - 509705 - pem module doesn't crash when processing malformed key files - 512019 - preserve timestamps and ensure proper execute bits on installed files * Mon Jun 22 2009 Elio Maldonado <[email protected]> - 3.12.3.99.3-2.11.4 - Fixed problems uncovered by mass rebuild with new version of rpmbuild * Mon Jun 22 2009 Elio Maldonado <[email protected]> - 3.12.3.99.3-2.11.3 - updated pem module incorporates various patches - fix off-by-one error when computing size to reduce memory leak, rhbz#483855 - fix data type to work on x86_64 systems, rhbz #429175 - fix various memory leaks and free internal objects on module unload, rhbz#501080 - fix to not clone internal objects in collect_objects(), rhbz#501118 - fix to not bypass initialization if module arguments are omitted, rhbz#501058 - fix gcc warnings, rhbz#500815 - fix to support arbitrarily long password while loading a private key, rhbz#500180 - fix memory leak in make_key and memory leaks and return values in pem_mdSession_Login, rhbz#501191 * Mon Jun 8 2009 Elio Maldonado <[email protected]> - 3.12.3.99.3-2.11.2 - correct version and release number in this log * Mon Jun 8 2009 Elio Maldonado <[email protected]> - 2.11.2 - add patch for bug 502133 upstream bug 496997 * Fri Jun 5 2009 Kai Engert <[email protected]> - 3.12.3.99.3-2.11.1 - rebuild with higher release number for upgrade sanity * Fri Jun 5 2009 Kai Engert <[email protected]> - 3.12.3.99.3-2 - reenable test suite * Fri Jun 5 2009 Kai Engert <[email protected]> - 3.12.3.99.3-1 - updated to NSS_3_12_4_FIPS1_WITH_CKBI_1_75 -------------------------------------------------------------------------------- References: [ 1 ] Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation https://bugzilla.redhat.com/show_bug.cgi?id=533125 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nss' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
