This bug was fixed in the package nss - 2:3.48-1ubuntu1

nss (2:3.48-1ubuntu1) focal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - d/libnss3.links: make freebl3 available as library (LP #1744328)
    - d/control: add dh-exec to Build-Depends
    - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec)
    - Disable reading fips_enabled flag in FIPS mode. libnss is
      not a FIPS certified library. (LP #1837734)
  * Set TLSv1.2 as minimum TLS version. LP: #1856428

nss (2:3.48-1) unstable; urgency=medium

  * New upstream release. Closes: #947131.
  * debian/control: Bump nspr build dependency to 4.24.
  * nss/lib/freebl/Makefile: Disable hardware AES on ARM softfloat to fix
    FTBFS on armel. Closes: #947246.

nss (2:3.47.1-1) unstable; urgency=medium

  * New upstream release.
    - Fixes CVE-2019-11745.

 -- Ubuntu Merge-o-Matic <>  Sun, 29 Dec 2019 03:43:36

** Changed in: nss (Ubuntu)
       Status: Fix Committed => Fix Released

** CVE added:

You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

  Disable TLS below 1.2 by default

To manage notifications about this bug go to:

ubuntu-bugs mailing list

Reply via email to