-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-15989 2010-10-08 19:57:03 --------------------------------------------------------------------------------
Name : nss Product : Fedora 12 Version : 3.12.8 Release : 2.fc12 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. -------------------------------------------------------------------------------- Update Information: Update to 3.12.8 Improves handling of certificates with IP wildcards: http://www.mozilla.org/security/announce/2010/mfsa2010-70.html -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 6 2010 Elio Maldonado <[email protected]> - 3.12.8-2 - Move triggerpostun -n nss-sysinit script ahead of the other ones (#639248) * Tue Oct 5 2010 Elio Maldonado <[email protected]> - 3.12.8-1 - Update to 3.12.8 - Fix invalid %postun scriptlet (#639248) * Thu Sep 30 2010 Elio Maldonado <[email protected]> - 3.12.7-9 - Fix version on triggerpostun scriplet (#636787) * Wed Sep 29 2010 Elio Maldonado <[email protected]> - 3.12.7-8 - Replace posttrans sysinit scriptlet with a triggerpostun one (#636787) - Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801) * Tue Sep 28 2010 Elio Maldonado <[email protected]> - 3.12.7-7 - Prevent of nss-sysinit disabling on package upgrade (#636787) - Create pkcs11.txt with correct permissions regardless of umask (#636792) - Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801) - Add provides nss-pkcs11-devel-static to comply with packaging guidelines (#609612) * Sun Sep 12 2010 Elio Maldonado <[email protected]> - 3.12.7-6 - Remove {nss_util|nss_softokn}_build_version, BuildRequires must match Requires * Sat Sep 11 2010 Elio Maldonado <[email protected]> - 3.12.7-5 - Bump nss_util_build_version and nss_softokn_build_version to 3.12.7 * Tue Sep 7 2010 Elio Maldonado <[email protected]> - 3.12.7-4 - Fix unclosed comment in renegotiate-transitional.patch * Sat Aug 28 2010 Elio Maldonado <[email protected]> - 3.12.7-3 - Change BuildRequries to available version of nss-util-devel * Sat Aug 28 2010 Elio Maldonado <[email protected]> - 3.12.7-2 - Define NSS_USE_SYSTEM_SQLITE and remove unneeded patch - Add comments regarding an unversioned provides which triggers rpmlint warning - Build requires nss-softokn-devel >= 3.12.7 * Mon Aug 16 2010 Elio Maldonado <[email protected]> - 3.12.7-1 - Update to 3.12.7 * Sat Aug 14 2010 Elio Maldonado <[email protected]> - 3.12.6-12 - Apply the patches to fix rhbz#614532 * Mon Aug 9 2010 Elio Maldonado <[email protected]> - 3.12.6-11 - Removed pem sourecs as they are in the cache * Mon Aug 9 2010 Elio Maldonado <[email protected]> - 3.12.6-10 - Add support for PKCS#8 encoded PEM RSA private key files (#614532) * Sat Jul 31 2010 Elio Maldonado <[email protected]> - 3.12.6-9 - Fix nsssysinit to return userdb ahead of systemdb (#603313) * Tue Jun 8 2010 Dennis Gilmore <[email protected]> - 3.12.6-8 - Require and BuildRequire >= the listed version not = * Tue Jun 8 2010 Elio Maldonado <[email protected]> - 3.12.6-7 - Require nss-softoken 3.12.6 - Fix SIGSEGV within CreateObject (#596674) * Mon Apr 12 2010 Elio Maldonado <[email protected]> - 3.12.6-5 - Update pem source tar to pick up the following bug fixes: - PEM - Allow collect objects to search through all objects - PEM - Make CopyObject return a new shallow copy - PEM - Fix memory leak in pem_mdCryptoOperationRSAPriv * Wed Apr 7 2010 Elio Maldonado <[email protected]> - 3.12.6-4 - Update the test cert in the setup phase * Wed Apr 7 2010 Elio Maldonado <[email protected]> - 3.12.6-3 - Add sed to sysinit requires as setup-nsssysinit.sh requires it (#576071) - Update PayPalEE test cert with unexpired one (#580207) * Fri Mar 19 2010 Elio Maldonado <[email protected]> - 3.12.6-2 - Fix nss.pc to not require nss-softokn (#575001) * Sat Mar 6 2010 Elio Maldonado <[email protected]> - 3.12.6-1.2 - Rebuilt with all tests enabled * Sat Mar 6 2010 Elio Maldonado <[email protected]> - 3.12.6-1.1 - Update to 3.12.6 - Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Patch tools to validate command line options arguments * Mon Jan 25 2010 Elio Maldonado <[email protected]> - 3.12.5-8 - Fix curl related regression and general patch code clean up * Wed Jan 13 2010 Elio Maldonado <[email protected]> - 3.12.5-7 - Retagged * Wed Jan 13 2010 Elio Maldonado <[email protected]> - 3.12.5-6 - retagging * Tue Jan 12 2010 Elio Maldonado <[email protected]> - 3.12.5-2.1 - Fix SIGSEGV on call of NSS_Initialize (#553638) * Wed Jan 6 2010 Elio Maldonado <[email protected]> - 3.12.5-2 - bump release number and rebuild * Wed Jan 6 2010 Elio Maldonado<[email protected]> - 3.12.5-1.14 - Fix nsssysinit to allow root to modify the nss system database (#547860) * Wed Jan 6 2010 Elio Maldonado<[email protected]> - 3.12.5-1.12.1 - Temporarily disabling the ssl tests until Bug 539183 is resolved * Fri Dec 25 2009 Elio Maldonado<[email protected]> - 3.12.5-1.11 - Fix an error introduced when adapting the patch for 546211 * Sat Dec 19 2009 Elio maldonado<[email protected]> - 3.12.5-1.10 - Remove some left over trace statements from nsssysinit patching * Thu Dec 17 2009 Elio Maldonado<[email protected]> - 3.12.5-1.8 - Fix nsssysinit to set the default flags on the crypto module (#545779) - Fix nsssysinit to enable apps to use the system cert store, patch contributed by David Woodhouse (#546221) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387) - Sysinit requires coreutils for post install scriplet (#547067) - Remove redundant header from the pem module * Wed Dec 9 2009 Elio Maldonado<[email protected]> - 3.12.5-2.1 - Remove unneeded patch * Fri Dec 4 2009 Elio Maldonado<[email protected]> - 3.12.5-1.2 - Update to 3.12.5 - CVE-2009-3555 TLS: MITM attacks via session renegotiation * Mon Oct 26 2009 Elio Maldonado<[email protected]> - 3.12.4-15 - Require nss-softoken of same arch as nss (#527867) -------------------------------------------------------------------------------- References: [ 1 ] Bug #630047 - CVE-2010-3170 firefox/nss: doesn't handle IP-based wildcards in X509 certificates safely https://bugzilla.redhat.com/show_bug.cgi?id=630047 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nss' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
