--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-1a7a5c54c2
2018-09-14 23:11:42.963781
--------------------------------------------------------------------------------Name        : nss-softokn
Product     : Fedora 28
Version     : 3.39.0
Release     : 1.0.fc28
URL         : https://firefox-source-docs.mozilla.org/security/nss/index.html
Summary     : Network Security Services Softoken Module
Description :
Network Security Services Softoken Cryptographic Module

--------------------------------------------------------------------------------Update Information:

Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39.  For
details about new functionality and a list of bugs fixed in this release please
see the upstream release notes  --------------------------------------------------------------------------------ChangeLog:

* Mon Sep  3 2018 Daiki Ueno  - 3.39.0-1.0
- Update to NSS 3.39
* Tue Jul  3 2018 Daiki Ueno  - 3.38.0-1.0
- Update to NSS 3.38
* Tue Jun  5 2018 Daiki Ueno  - 3.37.3-1.1
- Fix partial injection of LDFLAGS (the original relro flags are also
  set by redhat-rpm-config)
- Enable FIPS startup test
* Tue Jun  5 2018 Daiki Ueno  - 3.37.3-1.0
- Update to NSS 3.37.3
* Mon May 28 2018 Daiki Ueno  - 3.37.1-1.0
- Update to NSS 3.37.1
* Thu May  3 2018 Kai Engert  - 3.36.1-1.1
- Upstream patch to automatically enable SQL DB caching based on
  filesystem type, mozbz#1456888
* Wed Apr 11 2018 Daiki Ueno  - 3.36.1-1.0
- Update to NSS 3.36.1
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1624704
  [ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support
        https://bugzilla.redhat.com/show_bug.cgi?id=1620207
  [ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided
        https://bugzilla.redhat.com/show_bug.cgi?id=1578106
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-1a7a5c54c2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 28: nss-softokn Security Update

September 14, 2018
Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39

Summary

Network Security Services Softoken Cryptographic Module

Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39. For

details about new functionality and a list of bugs fixed in this release please

* Mon Sep 3 2018 Daiki Ueno - 3.39.0-1.0

- Update to NSS 3.39

* Tue Jul 3 2018 Daiki Ueno - 3.38.0-1.0

- Update to NSS 3.38

* Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.1

- Fix partial injection of LDFLAGS (the original relro flags are also

set by redhat-rpm-config)

- Enable FIPS startup test

* Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.0

- Update to NSS 3.37.3

* Mon May 28 2018 Daiki Ueno - 3.37.1-1.0

- Update to NSS 3.37.1

* Thu May 3 2018 Kai Engert - 3.36.1-1.1

- Upstream patch to automatically enable SQL DB caching based on

filesystem type, mozbz#1456888

* Wed Apr 11 2018 Daiki Ueno - 3.36.1-1.0

- Update to NSS 3.36.1

[ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1624704

[ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support

https://bugzilla.redhat.com/show_bug.cgi?id=1620207

[ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided

https://bugzilla.redhat.com/show_bug.cgi?id=1578106

su -c 'dnf upgrade --advisory FEDORA-2018-1a7a5c54c2' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2018-1a7a5c54c2 2018-09-14 23:11:42.963781 Product : Fedora 28 Version : 3.39.0 Release : 1.0.fc28 URL : https://firefox-source-docs.mozilla.org/security/nss/index.html Summary : Network Security Services Softoken Module Description : Network Security Services Softoken Cryptographic Module Updates the nss family of packages to upstream NSPR 4.20 and NSS 3.39. For details about new functionality and a list of bugs fixed in this release please * Mon Sep 3 2018 Daiki Ueno - 3.39.0-1.0 - Update to NSS 3.39 * Tue Jul 3 2018 Daiki Ueno - 3.38.0-1.0 - Update to NSS 3.38 * Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.1 - Fix partial injection of LDFLAGS (the original relro flags are also set by redhat-rpm-config) - Enable FIPS startup test * Tue Jun 5 2018 Daiki Ueno - 3.37.3-1.0 - Update to NSS 3.37.3 * Mon May 28 2018 Daiki Ueno - 3.37.1-1.0 - Update to NSS 3.37.1 * Thu May 3 2018 Kai Engert - 3.36.1-1.1 - Upstream patch to automatically enable SQL DB caching based on filesystem type, mozbz#1456888 * Wed Apr 11 2018 Daiki Ueno - 3.36.1-1.0 - Update to NSS 3.36.1 [ 1 ] Bug #1624704 - CVE-2018-12384 nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1624704 [ 2 ] Bug #1620207 - Enable SSLKEYLOGFILE support https://bugzilla.redhat.com/show_bug.cgi?id=1620207 [ 3 ] Bug #1578106 - Package version is invalid, or no Source URL provided https://bugzilla.redhat.com/show_bug.cgi?id=1578106 su -c 'dnf upgrade --advisory FEDORA-2018-1a7a5c54c2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
Product : Fedora 28
Version : 3.39.0
Release : 1.0.fc28
URL : https://firefox-source-docs.mozilla.org/security/nss/index.html
Summary : Network Security Services Softoken Module

Related News

19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved