The fix for Bug 1737470 introduced https://hg.mozilla.org/projects/nss/rev/dea71cbef9e03636f37c6cb120f8deccce6e17dd, which is the patch applied as debian/patches/CVE-2021-43527.patch in the current jammy package to fix CVE-2021-43527.
While Bug 1735028 is also private, its fix is not included in our current patches. Finally, SHA-2 support for mozilla::pkix's OCSP implementation is also not present in our delta (https://bugzilla.mozilla.org/show_bug.cgi?id=966856), meaning that going for the update would include support for SHA-2 hashes in CertIDs in OCSP responses.

** Bug watch added: Mozilla Bugzilla #966856
   https://bugzilla.mozilla.org/show_bug.cgi?id=966856

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-43527

https://bugs.launchpad.net/bugs/1959126

Title:
  Consider update to 3.68.2
