Ubuntu
nss package

[FFe] Update to 3.15.1+ for TLS1.2 support

Bug #1219279 reported by Jacob Taylor
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
nss (Ubuntu)
Fix Released
High
Marc Deslauriers

Bug Description

All versions of ubuntu appear to still ship NSS 3.14.3 which does not support TLSv1.2. Chrom(e|ium) on Ubuntu cannot utilize TLSv1.2 because of this. Please ship an updated package. Thanks.

Related branches

lp:ubuntu/saucy-proposed/nss
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in nss (Ubuntu):
status: New → Confirmed
Dimitri John Ledkov (xnox)
summary: - Update to 3.15.1+ for TLS1.2 support
+ [FFe] Update to 3.15.1+ for TLS1.2 support
Scott Kitterman (kitterman)
Changed in nss (Ubuntu):
importance: Undecided → High
assignee: nobody → Marc Deslauriers (mdeslaur)
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

I'll take this merge, and will monitor any regressions.

Revision history for this message
Scott Kitterman (kitterman) wrote :

Thanks. I think it's better to do this now than initially in 14.04 for a variety of reasons. Approved.

Changed in nss (Ubuntu):
status: Confirmed → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nss - 2:3.15.1-1ubuntu1

---------------
nss (2:3.15.1-1ubuntu1) saucy; urgency=low

  * Merge from Debian unstable. FFe: (LP: #1219279)
    Remaining changes:
    - control: Change Vcs-* to XS-Debian-Vcs-*.
    - rules: Include libnssb.a and libnssckfw.a in the -dev package.

nss (2:3.15.1-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/*: Refresh patches.
  * debian/patches/lower-dhe-priority.patch: Removed, as it was only necessary
    for Iceweasel 3.5, which is long gone.

nss (2:3.15-1) unstable; urgency=low

  * New upstream release.
  * debian/patches/*: Refresh patches and removed unused ones.
  * debian/rules: Adjusted to the new source layout.
  * debian/libnss3.symbols: Add NSS*_3.15 symbol versions.
  * debian/control: Bump nspr build dependency.

nss (2:3.14.3-1) unstable; urgency=high

  * New upstream release.
    - Fixes TLS timing attack (luck 13). Closes: #699888.
  * debian/libnss3.symbols: Add NSS_3.14.3 symbol version.
  * debian/control: Unbump sqlite3 build dependency, 3.14.3 lifted the need
    for sqlite 3.7.15.
 -- Marc Deslauriers <email address hidden> Thu, 19 Sep 2013 16:07:11 -0400

Changed in nss (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.