Author: renodr
Date: Thu Jan 9 13:58:07 2020
New Revision: 1519
Log:
Update Firefox and NSS errata for 0-day fixes.
Modified:
html/trunk/blfs/errata/9.0-systemd/index.html
html/trunk/blfs/errata/9.0/index.html
Modified: html/trunk/blfs/errata/9.0-systemd/index.html
==============================================================================
--- html/trunk/blfs/errata/9.0-systemd/index.html Thu Jan 2 18:57:22
2020 (r1518)
+++ html/trunk/blfs/errata/9.0-systemd/index.html Thu Jan 9 13:58:07
2020 (r1519)
@@ -20,9 +20,10 @@
CUPS-2.3.1.</p>
<p>After release, several vulnerabilities were identified in Firefox.
- Several of them are rated High or Moderate. To fix them, upgrade to
- Firefox-68.3.0 using the instructions in
- <a href="../../view/systemd/xsoft/firefox.html">Firefox-68.3.0</a>.</p>
+ Several of them are rated High or Moderate. An additional one contains
+ a 0-day fix for CVE-2019-17026. All users should update immediately.
+ To fix these, upgrade to Firefox-68.4.1 using the instructions in
+ <a href="../../view/systemd/xsoft/firefox.html">Firefox-68.4.1</a>.</p>
<p>After release, a vulnerability was discovered in the version of PHP
shipped with BLFS 9.0. The BLFS team recommends updating to the latest
version
@@ -130,9 +131,10 @@
<a
href="../../view/systemd/xsoft/thunderbird.html">Thunderbird-68.3.0</a>.</p>
<p>After release, a security flaw was found in NSS, CVE-2019-11745.
- To fix this security flaw, update to the latest version of NSS using
- the instructions in
- <a href="../../view/systemd/postlfs/nss.html">NSS-3.47.1</a>.</p>
+ An additional security flaw was found that was fixed by adding extra
+ encryption tests (CVE-2019-17023). To fix these,
+ update to the latest version of NSS using the instructions in
+ <a href="../../view/systemd/postlfs/nss.html">NSS-3.49</a>.</p>
<p>After release, a security flaw was discovered in the way that SHA-1
signatures are used in GnuPG. The SHA-1 support has been removed from
Modified: html/trunk/blfs/errata/9.0/index.html
==============================================================================
--- html/trunk/blfs/errata/9.0/index.html Thu Jan 2 18:57:22 2020
(r1518)
+++ html/trunk/blfs/errata/9.0/index.html Thu Jan 9 13:58:07 2020
(r1519)
@@ -30,10 +30,11 @@
<a href="../../view/svn/pst/cups.html">CUPS 2.3.1</a> to upgrade to
CUPS-2.3.1.</p>
- <p>After release, several vulnerabilities were identified in Firefox.
- Several of them are rated High or Moderate. To fix them, upgrade to
- Firefox-68.3.0 using the instructions in
- <a href="../../view/svn/xsoft/firefox.html">Firefox-68.3.0</a>.</p>
+ <p>After release, several vulnerabilities were identified in Firefox.
+ Several of them are rated High or Moderate. An additional one contains
+ a 0-day fix for CVE-2019-17026. All users should update immediately.
+ To fix these, upgrade to Firefox-68.4.1 using the instructions in
+ <a href="../../view/svn/xsoft/firefox.html">Firefox-68.4.1</a>.</p>
<p>After release, a vulnerability was discovered in the version of PHP
shipped with BLFS 9.0. The BLFS team recommends updating to the latest
version
@@ -135,9 +136,10 @@
<a
href="../../view/svn/xsoft/thunderbird.html">Thunderbird-68.3.0</a>.</p>
<p>After release, a security flaw was found in NSS, CVE-2019-11745.
- To fix this security flaw, update to the latest version of NSS using
- the instructions in
- <a href="../../view/svn/postlfs/nss.html">NSS-3.47.1</a>.</p>
+ An additional security flaw was found that was fixed by adding extra
+ encryption tests (CVE-2019-17023). To fix these,
+ update to the latest version of NSS using the instructions in
+ <a href="../../view/svn/postlfs/nss.html">NSS-3.49</a>.</p>
<p>After release, a security flaw was discovered in the way that SHA-1
signatures are used in GnuPG. The SHA-1 support has been removed from
--
http://lists.linuxfromscratch.org/listinfo/website
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
