drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in nss-softokn
| Name: |
Mehrere Probleme in nss-softokn |
|
| ID: |
FEDORA-2011-17399 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 15 |
|
| Datum: |
So, 22. Januar 2012, 12:43 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389 |
|
| Applikationen: |
NSS |
|
Originalnachricht |
Name : nss-softokn
Product : Fedora 15
Version : 3.13.1
Release : 15.fc15
URL : http://www.mozilla.org/projects/security/pki/nss/
Summary : Network Security Services Softoken Module
Description :
Network Security Services Softoken Cryptographic Module
-------------------------------------------------------------------------------
-
Update Information:
The latest version of Firefox and Thunderbird have the following changes:
* Added Type Inference, significantly improving JavaScript performance
* Added support for querying Do Not Track status via JavaScript
* Added support for font-stretch
* Improved support for text-overflow
* Improved standards support for HTML5, MathML, and CSS
* Fixed several stability issues
* Fixed several security issues
Notable nss changes include:
1. SSL 2.0 is disabled by default.
2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack
demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default.
Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.
3. SHA-224 is supported.
4. Added PORT_ErrorToString and PORT_ErrorToName to return the
error message and symbolic name of an NSS error code.
5. Added NSS_GetVersion to return the NSS version string.
6. Added experimental support of RSA-PSS to the softoken only
(contributed by Hanno Böck, http://rsapss.hboeck.de/).
-------------------------------------------------------------------------------
-
ChangeLog:
* Sat Dec 31 2011 Elio Maldonado <emaldona@redhat.com> - 3.13.1-15
- Bug 770999 - Fix segmentation violation when turning on fips mode
- Applying the iquote patch for boostrapping
* Tue Dec 13 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-14
- Restore the update to 3.13.1
- Update the patch for freebl to deal with prelinked shared libraries
- Add additional dbrg power-up self-tests as required by fips
- Reactivate the tests
* Tue Dec 6 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-13
- Bug 757005 Build nss-softokn for rhel 7
- Make it almost like nss-softokn-3.12.9 in rhel 6.2
- Added a patch to build with Linux 3 and higher
- Meant to work with nss and nss-utul 3.1.3.1
- Download only the 3.12.9 sources from the lookaside cache
* Fri Dec 2 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-12
- Retagging
* Wed Nov 23 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.9-11
- Downgrading to 3.12.9 for a merge into new RHEL git repo
- This build is for the buildroot for a limited time only
- Do not not push it to update-testing
* Tue Nov 8 2011 Elio Maldonado <emaldona@redhat.com> - 3.13.1-1
- Update to NSS_3_13_1_RTM
* Wed Oct 12 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-6
- Fix failure to switch nss-softokn to FIPS mode (#745571)
* Tue Oct 11 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-0.1.rc0.3
- Update to NSS_3_13_RC0 post bootstrapping
- Don't incude util in sources for the lookaside cache
- Reenable building the fipstest tool
- Restore full cli argument parsing in the sectool library
* Sun Oct 9 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-0.1.rc0.2
- Update to NSS_3_13_RC0 bootstrapping the system phase 2
- Reenable the cipher test suite
* Sat Oct 8 2011 Elio Maldonado <emaldona@redhat.com> - 3.13-0.rc0.1
- Update to NSS_3_13_RC0
* Thu Sep 8 2011 Ville Skyttä <ville.skytta@iki.fi> - 3.12.11-3
- Avoid %post/un shell invocations and dependencies.
* Wed Aug 17 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-5
- rebuilt as recommended to deal with an rpm 4.9.1 issue
* Wed Jul 20 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-4
- Adjustements from code review (#715402)
* Sun Jun 26 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-3
- Add %{check} section to run crypto tests as part of the build (#715402)
* Tue Jun 14 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-2
- Fix intel optimized aes code to deal with case where input and ouput are in
the same buffer (#709517)
* Fri May 6 2011 Elio Maldonado <emaldona@redhat.com> - 3.12.10-1
- Update to NSS_3_12_10_RTM
* Wed Apr 27 2011 Elio Maldonado <emaldona@redhat.com> -
3.12.10-0.1.beta1
- Update to NSS_3_12_10_BETA1
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update nss-softokn' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
