View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/nss
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/debian/dsc 2019-09-07 17:27:18 UTC 2019-09-07
DSC file for 2:3.42.1-1+deb10u1

Author: Ubuntu Git Importer
Author Date: 2019-09-07 17:27:18 UTC

DSC file for 2:3.42.1-1+deb10u1

applied/debian/buster 2019-09-07 17:19:56 UTC 2019-09-07
Import patches-applied version 2:3.42.1-1+deb10u1 to applied/debian/buster

Author: Moritz Mühlenhoff
Author Date: 2019-08-22 22:03:22 UTC

Import patches-applied version 2:3.42.1-1+deb10u1 to applied/debian/buster

Imported using git-ubuntu import.

Changelog parent: b800c33476694628a7e755c1f8259fe30ad344ac
Unapplied parent: cbfbc783d1f33077c138ce1f04afebbbbe4ff8c8

New changelog entries:
  * Fixes for CVE-2019-11719, CVE-2019-11727 and CVE-2019-11729 (in unstable
    these were addressed via the 2:3.45-1 upload to unstable)

debian/buster 2019-09-07 17:19:56 UTC 2019-09-07
Import patches-unapplied version 2:3.42.1-1+deb10u1 to debian/buster

Author: Moritz Mühlenhoff
Author Date: 2019-08-22 22:03:22 UTC

Import patches-unapplied version 2:3.42.1-1+deb10u1 to debian/buster

Imported using git-ubuntu import.

Changelog parent: 418f6427ddfbb44d2da5112b20aba63be6ec5e2f

New changelog entries:
  * Fixes for CVE-2019-11719, CVE-2019-11727 and CVE-2019-11729 (in unstable
    these were addressed via the 2:3.45-1 upload to unstable)

importer/ubuntu/dsc 2019-07-30 19:23:12 UTC 2019-07-30
DSC file for 2:3.28.4-0ubuntu0.16.04.7

Author: Ubuntu Git Importer
Author Date: 2019-07-30 19:23:12 UTC

DSC file for 2:3.28.4-0ubuntu0.16.04.7

applied/ubuntu/xenial-devel 2019-07-30 19:03:16 UTC 2019-07-30
Import patches-applied version 2:3.28.4-0ubuntu0.16.04.7 to applied/ubuntu/xe...

Author: Vineetha Kamath
Author Date: 2019-07-23 15:38:29 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.16.04.7 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: a7ec729107e66029664d7ae583fe0b473210d85e
Unapplied parent: c2dffcbfa5a3c5b0270c4bd846eba5362fb42452

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

applied/ubuntu/xenial-proposed 2019-07-30 19:03:16 UTC 2019-07-30
Import patches-applied version 2:3.28.4-0ubuntu0.16.04.7 to applied/ubuntu/xe...

Author: Vineetha Kamath
Author Date: 2019-07-23 15:38:29 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.16.04.7 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: a7ec729107e66029664d7ae583fe0b473210d85e
Unapplied parent: c2dffcbfa5a3c5b0270c4bd846eba5362fb42452

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

ubuntu/xenial-proposed 2019-07-30 19:03:16 UTC 2019-07-30
Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.7 to ubuntu/xenial-p...

Author: Vineetha Kamath
Author Date: 2019-07-23 15:38:29 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.7 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: c7bce0e07bb6676fa539dcbfb165f66449991537

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

ubuntu/xenial-devel 2019-07-30 19:03:16 UTC 2019-07-30
Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.7 to ubuntu/xenial-p...

Author: Vineetha Kamath
Author Date: 2019-07-23 15:38:29 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.7 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: c7bce0e07bb6676fa539dcbfb165f66449991537

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

ubuntu/bionic-devel 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-unapplied version 2:3.35-2ubuntu2.4 to ubuntu/bionic-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 17:09:07 UTC

Import patches-unapplied version 2:3.35-2ubuntu2.4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 465817076b2b99565627551e649c9221610b58dc

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

applied/ubuntu/disco-devel 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-applied version 2:3.42-1ubuntu2.2 to applied/ubuntu/disco-prop...

Author: Vineetha Kamath
Author Date: 2019-07-24 13:19:43 UTC

Import patches-applied version 2:3.42-1ubuntu2.2 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 2c15e66f839c8e19ec3e1b1fc8ea23d94f7d33b8
Unapplied parent: 8350579da777aee0d2a80bfe675b2f97af9be2c1

New changelog entries:
  * Disable reading fips_enabled flag on a FIPS enabled system. libnss
    is not a FIPS certified library. (LP: #1837734)

applied/ubuntu/bionic-devel 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-applied version 2:3.35-2ubuntu2.4 to applied/ubuntu/bionic-pro...

Author: Vineetha Kamath
Author Date: 2019-07-23 17:09:07 UTC

Import patches-applied version 2:3.35-2ubuntu2.4 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: b82110303dd7a7de791efd1ae2e247d449016c1e
Unapplied parent: cb8f943db70aab0c03d8b5fb62295c9fc3d07567

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

ubuntu/disco-proposed 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-unapplied version 2:3.42-1ubuntu2.2 to ubuntu/disco-proposed

Author: Vineetha Kamath
Author Date: 2019-07-24 13:19:43 UTC

Import patches-unapplied version 2:3.42-1ubuntu2.2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 45ce2d5cd10bb8b6076339abf0dd4a1898b2d2b4

New changelog entries:
  * Disable reading fips_enabled flag on a FIPS enabled system. libnss
    is not a FIPS certified library. (LP: #1837734)

ubuntu/disco-devel 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-unapplied version 2:3.42-1ubuntu2.2 to ubuntu/disco-proposed

Author: Vineetha Kamath
Author Date: 2019-07-24 13:19:43 UTC

Import patches-unapplied version 2:3.42-1ubuntu2.2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 45ce2d5cd10bb8b6076339abf0dd4a1898b2d2b4

New changelog entries:
  * Disable reading fips_enabled flag on a FIPS enabled system. libnss
    is not a FIPS certified library. (LP: #1837734)

ubuntu/bionic-proposed 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-unapplied version 2:3.35-2ubuntu2.4 to ubuntu/bionic-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 17:09:07 UTC

Import patches-unapplied version 2:3.35-2ubuntu2.4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 465817076b2b99565627551e649c9221610b58dc

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

applied/ubuntu/bionic-proposed 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-applied version 2:3.35-2ubuntu2.4 to applied/ubuntu/bionic-pro...

Author: Vineetha Kamath
Author Date: 2019-07-23 17:09:07 UTC

Import patches-applied version 2:3.35-2ubuntu2.4 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: b82110303dd7a7de791efd1ae2e247d449016c1e
Unapplied parent: cb8f943db70aab0c03d8b5fb62295c9fc3d07567

New changelog entries:
  * disable reading fips_enabled flag and enabling FIPS mode
    automatically on a FIPS machine. libnss is not a FIPS
    certified library. (LP: #1837734)

applied/ubuntu/disco-proposed 2019-07-30 18:58:17 UTC 2019-07-30
Import patches-applied version 2:3.42-1ubuntu2.2 to applied/ubuntu/disco-prop...

Author: Vineetha Kamath
Author Date: 2019-07-24 13:19:43 UTC

Import patches-applied version 2:3.42-1ubuntu2.2 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 2c15e66f839c8e19ec3e1b1fc8ea23d94f7d33b8
Unapplied parent: 8350579da777aee0d2a80bfe675b2f97af9be2c1

New changelog entries:
  * Disable reading fips_enabled flag on a FIPS enabled system. libnss
    is not a FIPS certified library. (LP: #1837734)

applied/ubuntu/eoan-proposed 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: ae8d2b26057c076e3f4e0f03b58cf2a09b6141aa
Unapplied parent: 189efc895675dc4dc02eaeaaf5c295536376811e

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

applied/ubuntu/eoan 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: ae8d2b26057c076e3f4e0f03b58cf2a09b6141aa
Unapplied parent: 189efc895675dc4dc02eaeaaf5c295536376811e

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

applied/ubuntu/eoan-devel 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: ae8d2b26057c076e3f4e0f03b58cf2a09b6141aa
Unapplied parent: 189efc895675dc4dc02eaeaaf5c295536376811e

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

applied/ubuntu/devel 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-applied version 2:3.45-1ubuntu2 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: ae8d2b26057c076e3f4e0f03b58cf2a09b6141aa
Unapplied parent: 189efc895675dc4dc02eaeaaf5c295536376811e

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

ubuntu/eoan-proposed 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 72b54733cc8d7b8d18c1bb53a21f17fe30f26289

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

ubuntu/eoan 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 72b54733cc8d7b8d18c1bb53a21f17fe30f26289

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

ubuntu/devel 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 72b54733cc8d7b8d18c1bb53a21f17fe30f26289

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

ubuntu/eoan-devel 2019-07-24 17:03:20 UTC 2019-07-24
Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Author: Vineetha Kamath
Author Date: 2019-07-23 20:58:12 UTC

Import patches-unapplied version 2:3.45-1ubuntu2 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 72b54733cc8d7b8d18c1bb53a21f17fe30f26289

New changelog entries:
  * Disable reading fips_enabled flag in FIPS mode. libnss is
    not a FIPS certified library. (LP: #1837734)

applied/ubuntu/bionic-security 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-applied version 2:3.35-2ubuntu2.3 to applied/ubuntu/bionic-sec...

Author: Marc Deslauriers
Author Date: 2019-07-12 12:16:27 UTC

Import patches-applied version 2:3.35-2ubuntu2.3 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: d40048f0de748a8fe9404fdc842dea9db2dcede3
Unapplied parent: fd1576c12f1a577399195bfbe5369fd06e922557

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

applied/ubuntu/disco-updates 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-applied version 2:3.42-1ubuntu2.1 to applied/ubuntu/disco-secu...

Author: Marc Deslauriers
Author Date: 2019-07-12 11:48:06 UTC

Import patches-applied version 2:3.42-1ubuntu2.1 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 142067dde601d3b5a0dfb68142a4d35f8816134f
Unapplied parent: cdaa985435be9754e28ecce31eea1c6bab9af0cc

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: incorrect use of PKCS#1 v1.5 signatures with TLSv1.3
    - debian/patches/CVE-2019-11727.patch: prohibit use of
      RSASSA-PKCS1-v1_5 algorithms in TLS 1.3 in
      nss/gtests/ssl_gtest/ssl_auth_unittest.cc,
      nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc,
      nss/gtests/ssl_gtest/ssl_extension_unittest.cc,
      nss/lib/ssl/ssl3con.c.
    - CVE-2019-11727
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

applied/ubuntu/disco-security 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-applied version 2:3.42-1ubuntu2.1 to applied/ubuntu/disco-secu...

Author: Marc Deslauriers
Author Date: 2019-07-12 11:48:06 UTC

Import patches-applied version 2:3.42-1ubuntu2.1 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 142067dde601d3b5a0dfb68142a4d35f8816134f
Unapplied parent: cdaa985435be9754e28ecce31eea1c6bab9af0cc

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: incorrect use of PKCS#1 v1.5 signatures with TLSv1.3
    - debian/patches/CVE-2019-11727.patch: prohibit use of
      RSASSA-PKCS1-v1_5 algorithms in TLS 1.3 in
      nss/gtests/ssl_gtest/ssl_auth_unittest.cc,
      nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc,
      nss/gtests/ssl_gtest/ssl_extension_unittest.cc,
      nss/lib/ssl/ssl3con.c.
    - CVE-2019-11727
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

ubuntu/xenial-updates 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.6 to ubuntu/xenial-s...

Author: Marc Deslauriers
Author Date: 2019-07-12 12:23:50 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.6 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 71480e4002d6fb1cae8c6ad2b8dfb6236b67a325

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - CVE-2019-11729

applied/ubuntu/xenial-security 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-applied version 2:3.28.4-0ubuntu0.16.04.6 to applied/ubuntu/xe...

Author: Marc Deslauriers
Author Date: 2019-07-12 12:23:50 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.16.04.6 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 55938232198ba057ed86429cc82fb5f791a6bfa5
Unapplied parent: 59f3bf74f0838f2894181b64cb959088672d1ad2

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - CVE-2019-11729

ubuntu/bionic-security 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-unapplied version 2:3.35-2ubuntu2.3 to ubuntu/bionic-security

Author: Marc Deslauriers
Author Date: 2019-07-12 12:16:27 UTC

Import patches-unapplied version 2:3.35-2ubuntu2.3 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: bb92687af8d35dcb759f32840cb11b1954c9a725

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

applied/ubuntu/xenial-updates 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-applied version 2:3.28.4-0ubuntu0.16.04.6 to applied/ubuntu/xe...

Author: Marc Deslauriers
Author Date: 2019-07-12 12:23:50 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.16.04.6 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 55938232198ba057ed86429cc82fb5f791a6bfa5
Unapplied parent: 59f3bf74f0838f2894181b64cb959088672d1ad2

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - CVE-2019-11729

ubuntu/disco-security 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-unapplied version 2:3.42-1ubuntu2.1 to ubuntu/disco-security

Author: Marc Deslauriers
Author Date: 2019-07-12 11:48:06 UTC

Import patches-unapplied version 2:3.42-1ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 814fa5742e227b6ebecd32e6078bc745eeb07742

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: incorrect use of PKCS#1 v1.5 signatures with TLSv1.3
    - debian/patches/CVE-2019-11727.patch: prohibit use of
      RSASSA-PKCS1-v1_5 algorithms in TLS 1.3 in
      nss/gtests/ssl_gtest/ssl_auth_unittest.cc,
      nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc,
      nss/gtests/ssl_gtest/ssl_extension_unittest.cc,
      nss/lib/ssl/ssl3con.c.
    - CVE-2019-11727
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

ubuntu/xenial-security 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.6 to ubuntu/xenial-s...

Author: Marc Deslauriers
Author Date: 2019-07-12 12:23:50 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.16.04.6 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 71480e4002d6fb1cae8c6ad2b8dfb6236b67a325

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - CVE-2019-11729

applied/ubuntu/bionic-updates 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-applied version 2:3.35-2ubuntu2.3 to applied/ubuntu/bionic-sec...

Author: Marc Deslauriers
Author Date: 2019-07-12 12:16:27 UTC

Import patches-applied version 2:3.35-2ubuntu2.3 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: d40048f0de748a8fe9404fdc842dea9db2dcede3
Unapplied parent: fd1576c12f1a577399195bfbe5369fd06e922557

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

ubuntu/bionic-updates 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-unapplied version 2:3.35-2ubuntu2.3 to ubuntu/bionic-security

Author: Marc Deslauriers
Author Date: 2019-07-12 12:16:27 UTC

Import patches-unapplied version 2:3.35-2ubuntu2.3 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: bb92687af8d35dcb759f32840cb11b1954c9a725

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

ubuntu/disco-updates 2019-07-16 12:08:14 UTC 2019-07-16
Import patches-unapplied version 2:3.42-1ubuntu2.1 to ubuntu/disco-security

Author: Marc Deslauriers
Author Date: 2019-07-12 11:48:06 UTC

Import patches-unapplied version 2:3.42-1ubuntu2.1 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 814fa5742e227b6ebecd32e6078bc745eeb07742

New changelog entries:
  * SECURITY UPDATE: OOB read when importing a curve25519 private key
    - debian/patches/CVE-2019-11719.patch: don't unnecessarily strip
      leading 0's from key material during PKCS11 import in
      nss/lib/freebl/ecl/ecp_25519.c, nss/lib/pk11wrap/pk11akey.c,
      nss/lib/pk11wrap/pk11cert.c, nss/lib/pk11wrap/pk11pk12.c,
      nss/lib/softoken/legacydb/lgattr.c, nss/lib/softoken/pkcs11c.c.
    - CVE-2019-11719
  * SECURITY UPDATE: incorrect use of PKCS#1 v1.5 signatures with TLSv1.3
    - debian/patches/CVE-2019-11727.patch: prohibit use of
      RSASSA-PKCS1-v1_5 algorithms in TLS 1.3 in
      nss/gtests/ssl_gtest/ssl_auth_unittest.cc,
      nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc,
      nss/gtests/ssl_gtest/ssl_extension_unittest.cc,
      nss/lib/ssl/ssl3con.c.
    - CVE-2019-11727
  * SECURITY UPDATE: segfault via empty or malformed p256-ECDH public keys
    - debian/patches/CVE-2019-11729-1.patch: more thorough input checking
      in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
      nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
    - debian/patches/CVE-2019-11729-2.patch: ignore spki decode failures on
      negative tests in nss/gtests/pk11_gtest/pk11_curve25519_unittest.cc.
    - CVE-2019-11729

debian/sid 2019-07-10 04:41:26 UTC 2019-07-10
Import patches-unapplied version 2:3.45-1 to debian/sid

Author: Mike Hommey
Author Date: 2019-07-09 22:34:18 UTC

Import patches-unapplied version 2:3.45-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: bd81360390b629729e8a2f26855f12696fecb46b

New changelog entries:
  * New upstream release.
    - Fixes CVE-2019-11727 and CVE-2019-11719.
  * debian/libnss3.symbols: Add NSS_3_45 symbol version.

applied/debian/sid 2019-07-10 04:41:26 UTC 2019-07-10
Import patches-applied version 2:3.45-1 to applied/debian/sid

Author: Mike Hommey
Author Date: 2019-07-09 22:34:18 UTC

Import patches-applied version 2:3.45-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: ae8fa792c0d43696069166fbc0181825f7f6966f
Unapplied parent: 7e80ed44c7921d6874cff02f50f4f6edbfcf2199

New changelog entries:
  * New upstream release.
    - Fixes CVE-2019-11727 and CVE-2019-11719.
  * debian/libnss3.symbols: Add NSS_3_45 symbol version.

debian/experimental 2019-06-02 10:26:38 UTC 2019-06-02
Import patches-unapplied version 2:3.44.0-1 to debian/experimental

Author: Mike Hommey
Author Date: 2019-06-02 04:06:26 UTC

Import patches-unapplied version 2:3.44.0-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 03392d81c018c29439a3229f33baec0bd2c54913

New changelog entries:
  * debian/libnss3.symbols:
    - Update the version needed for
    SSL_Get{CipherSuite,Channel,PreliminaryChannel}Info.
    - Adjust versions so that 3.44+really3.42.1-1 is considered older where it
    matters.
  * Reverse to 3.42.1. Building against 3.44 induces some behavior
    differences when running against older versions, which could normally
    be solved with updates to the symbols file, but since 3.44 is not meant
    to ship in Buster, avoid disruption for nss reverse dependencies until
    Buster is released by going back to previous version.

applied/debian/experimental 2019-06-02 10:26:38 UTC 2019-06-02
Import patches-applied version 2:3.44.0-1 to applied/debian/experimental

Author: Mike Hommey
Author Date: 2019-06-02 04:06:26 UTC

Import patches-applied version 2:3.44.0-1 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: cc4302f3eb22a8ed8da576ed3822014e7bfb102f
Unapplied parent: ca440dcf72d93f04d712cb81bed6cc5ab1f720e2

New changelog entries:
  * debian/libnss3.symbols:
    - Update the version needed for
    SSL_Get{CipherSuite,Channel,PreliminaryChannel}Info.
    - Adjust versions so that 3.44+really3.42.1-1 is considered older where it
    matters.
  * Reverse to 3.42.1. Building against 3.44 induces some behavior
    differences when running against older versions, which could normally
    be solved with updates to the symbols file, but since 3.44 is not meant
    to ship in Buster, avoid disruption for nss reverse dependencies until
    Buster is released by going back to previous version.

ubuntu/trusty-updates 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-unapplied version 2:3.28.4-0ubuntu0.14.04.5 to ubuntu/trusty-s...

Author: Marc Deslauriers
Author Date: 2019-02-19 13:41:32 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.14.04.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 9fd7bc26cfb03bdca6e4b9c6f709c5998609e915

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

applied/ubuntu/trusty-updates 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-applied version 2:3.28.4-0ubuntu0.14.04.5 to applied/ubuntu/tr...

Author: Marc Deslauriers
Author Date: 2019-02-19 13:41:32 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.14.04.5 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 57840c9fa74e1cf43ead1869e1a3dad06a3a0ea5
Unapplied parent: 7b5fb08e34dbc2de9dcc2736a7e3bcc36b493271

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

ubuntu/trusty-security 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-unapplied version 2:3.28.4-0ubuntu0.14.04.5 to ubuntu/trusty-s...

Author: Marc Deslauriers
Author Date: 2019-02-19 13:41:32 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.14.04.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 9fd7bc26cfb03bdca6e4b9c6f709c5998609e915

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

applied/ubuntu/cosmic-security 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-applied version 2:3.36.1-1ubuntu1.2 to applied/ubuntu/cosmic-s...

Author: Marc Deslauriers
Author Date: 2019-02-19 12:37:53 UTC

Import patches-applied version 2:3.36.1-1ubuntu1.2 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 6696aedce743d06097469c6ffd77b42aa1f46656
Unapplied parent: a56e40fd4acb818c7ad066e52a95394f02821d22

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

applied/ubuntu/trusty-security 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-applied version 2:3.28.4-0ubuntu0.14.04.5 to applied/ubuntu/tr...

Author: Marc Deslauriers
Author Date: 2019-02-19 13:41:32 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.14.04.5 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 57840c9fa74e1cf43ead1869e1a3dad06a3a0ea5
Unapplied parent: 7b5fb08e34dbc2de9dcc2736a7e3bcc36b493271

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

applied/ubuntu/trusty-devel 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-applied version 2:3.28.4-0ubuntu0.14.04.5 to applied/ubuntu/tr...

Author: Marc Deslauriers
Author Date: 2019-02-19 13:41:32 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.14.04.5 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 57840c9fa74e1cf43ead1869e1a3dad06a3a0ea5
Unapplied parent: 7b5fb08e34dbc2de9dcc2736a7e3bcc36b493271

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

ubuntu/cosmic-updates 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-unapplied version 2:3.36.1-1ubuntu1.2 to ubuntu/cosmic-security

Author: Marc Deslauriers
Author Date: 2019-02-19 12:37:53 UTC

Import patches-unapplied version 2:3.36.1-1ubuntu1.2 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 980b7e137ab9653de6323ec3144b06e7fdfa0808

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

ubuntu/trusty-devel 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-unapplied version 2:3.28.4-0ubuntu0.14.04.5 to ubuntu/trusty-s...

Author: Marc Deslauriers
Author Date: 2019-02-19 13:41:32 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.14.04.5 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 9fd7bc26cfb03bdca6e4b9c6f709c5998609e915

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

applied/ubuntu/cosmic-updates 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-applied version 2:3.36.1-1ubuntu1.2 to applied/ubuntu/cosmic-s...

Author: Marc Deslauriers
Author Date: 2019-02-19 12:37:53 UTC

Import patches-applied version 2:3.36.1-1ubuntu1.2 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 6696aedce743d06097469c6ffd77b42aa1f46656
Unapplied parent: a56e40fd4acb818c7ad066e52a95394f02821d22

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

ubuntu/cosmic-security 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-unapplied version 2:3.36.1-1ubuntu1.2 to ubuntu/cosmic-security

Author: Marc Deslauriers
Author Date: 2019-02-19 12:37:53 UTC

Import patches-unapplied version 2:3.36.1-1ubuntu1.2 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 980b7e137ab9653de6323ec3144b06e7fdfa0808

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

ubuntu/cosmic-devel 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-unapplied version 2:3.36.1-1ubuntu1.2 to ubuntu/cosmic-security

Author: Marc Deslauriers
Author Date: 2019-02-19 12:37:53 UTC

Import patches-unapplied version 2:3.36.1-1ubuntu1.2 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 980b7e137ab9653de6323ec3144b06e7fdfa0808

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

applied/ubuntu/cosmic-devel 2019-02-27 17:13:12 UTC 2019-02-27
Import patches-applied version 2:3.36.1-1ubuntu1.2 to applied/ubuntu/cosmic-s...

Author: Marc Deslauriers
Author Date: 2019-02-19 12:37:53 UTC

Import patches-applied version 2:3.36.1-1ubuntu1.2 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 6696aedce743d06097469c6ffd77b42aa1f46656
Unapplied parent: a56e40fd4acb818c7ad066e52a95394f02821d22

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

ubuntu/disco 2019-02-19 12:43:12 UTC 2019-02-19
Import patches-unapplied version 2:3.42-1ubuntu2 to ubuntu/disco-proposed

Author: Marc Deslauriers
Author Date: 2019-02-19 11:04:49 UTC

Import patches-unapplied version 2:3.42-1ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 706ffe05c76e7b2f61eb044617fd7a099ce5bafe

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

applied/ubuntu/disco 2019-02-19 12:43:12 UTC 2019-02-19
Import patches-applied version 2:3.42-1ubuntu2 to applied/ubuntu/disco-proposed

Author: Marc Deslauriers
Author Date: 2019-02-19 11:04:49 UTC

Import patches-applied version 2:3.42-1ubuntu2 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 6954bc3f6c2f12f010cb29d29249ee990ee21116
Unapplied parent: 0ba475aea3a62d34af4b1f241d9feb82e72fed13

New changelog entries:
  * SECURITY UPDATE: DoS in NULL pointer dereference in CMS functions
    - debian/patches/CVE-2018-18508-1.patch: add null checks in
      nss/lib/smime/cmscinfo.c, nss/lib/smime/cmsdigdata.c,
      nss/lib/smime/cmsencdata.c, nss/lib/smime/cmsenvdata.c,
      nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
    - debian/patches/CVE-2018-18508-2.patch: add null checks in
      nss/lib/smime/cmsmessage.c.
    - CVE-2018-18508

ubuntu/cosmic-proposed 2018-05-12 06:58:50 UTC 2018-05-12
Import patches-unapplied version 2:3.36.1-1ubuntu1 to ubuntu/cosmic-proposed

Author: Christian Ehrhardt 
Author Date: 2018-05-07 15:08:46 UTC

Import patches-unapplied version 2:3.36.1-1ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Upload parent: 9c8a37f941edaba6af7a7a18a541cbbabf8e911b

ubuntu/cosmic 2018-05-12 06:58:50 UTC 2018-05-12
Import patches-unapplied version 2:3.36.1-1ubuntu1 to ubuntu/cosmic-proposed

Author: Christian Ehrhardt 
Author Date: 2018-05-07 15:08:46 UTC

Import patches-unapplied version 2:3.36.1-1ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Upload parent: 9c8a37f941edaba6af7a7a18a541cbbabf8e911b

applied/ubuntu/cosmic-proposed 2018-05-12 06:58:50 UTC 2018-05-12
Import patches-applied version 2:3.36.1-1ubuntu1 to applied/ubuntu/cosmic-pro...

Author: Christian Ehrhardt 
Author Date: 2018-05-07 15:08:46 UTC

Import patches-applied version 2:3.36.1-1ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: cdab85f11c845f29ada913a54ef36da1362791d9
Unapplied parent: ff3bb26846832a2944a9d59f22747e039773798d

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - d/libnss3.links: make freebl3 available as library (LP 1744328)
      - d/control: add dh-exec to Build-Depends
      - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec)
    - d/rules: when building with -O3 on ppc64el this FTBFS, build with
      -Wno-error=maybe-uninitialized to avoid that
  * Dropped changes:
    - revert switching to SQL default format (LP: 1746947) Dropping this
      adresses (LP: #1747411) and effectively means we now switch to the new
      default format after we ensured all depending packages are ready.
  * Added changes:
    - d/rules: extended the FTBFS to -O3 on ppc64el to only apply on ppc64el

applied/ubuntu/cosmic 2018-05-12 06:58:50 UTC 2018-05-12
Import patches-applied version 2:3.36.1-1ubuntu1 to applied/ubuntu/cosmic-pro...

Author: Christian Ehrhardt 
Author Date: 2018-05-07 15:08:46 UTC

Import patches-applied version 2:3.36.1-1ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: cdab85f11c845f29ada913a54ef36da1362791d9
Unapplied parent: ff3bb26846832a2944a9d59f22747e039773798d

New changelog entries:
  * Merge with Debian unstable. Remaining changes:
    - d/libnss3.links: make freebl3 available as library (LP 1744328)
      - d/control: add dh-exec to Build-Depends
      - d/rules: make mkdir tolerate debian/tmp existing (due to dh-exec)
    - d/rules: when building with -O3 on ppc64el this FTBFS, build with
      -Wno-error=maybe-uninitialized to avoid that
  * Dropped changes:
    - revert switching to SQL default format (LP: 1746947) Dropping this
      adresses (LP: #1747411) and effectively means we now switch to the new
      default format after we ensured all depending packages are ready.
  * Added changes:
    - d/rules: extended the FTBFS to -O3 on ppc64el to only apply on ppc64el

importer/debian/pristine-tar 2018-04-09 18:51:23 UTC 2018-04-09
pristine-tar data for nss_3.36.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-04-09 18:51:23 UTC

pristine-tar data for nss_3.36.orig.tar.gz

importer/ubuntu/pristine-tar 2018-03-08 00:26:48 UTC 2018-03-08
pristine-tar data for nss_3.35.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-08 00:26:48 UTC

pristine-tar data for nss_3.35.orig.tar.gz

applied/ubuntu/bionic 2018-02-05 11:48:18 UTC 2018-02-05
Import patches-applied version 2:3.35-2ubuntu2 to applied/ubuntu/bionic-proposed

Author: Christian Ehrhardt 
Author Date: 2018-02-05 10:36:07 UTC

Import patches-applied version 2:3.35-2ubuntu2 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 6af17025f95d7f9f91a0cf0fe4ec4146298d7fad
Unapplied parent: 884164b402ca10dbe06ef4336d5d3e166dd2287f

New changelog entries:
  * d/p/lp1746947-revert-switch-default-to-sql.patch: the switch of the
    default is still causing too much issues in consumers of nss.
    So until resolved revert the switched default (LP: #1746947)

ubuntu/bionic 2018-02-05 11:48:18 UTC 2018-02-05
Import patches-unapplied version 2:3.35-2ubuntu2 to ubuntu/bionic-proposed

Author: Christian Ehrhardt 
Author Date: 2018-02-05 10:36:07 UTC

Import patches-unapplied version 2:3.35-2ubuntu2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 8b7104ca32609accde32f6709a39439058c88ad0
Upload parent: 4d5a2419f08b9fa0bb504d4115e558b10a5cbd6f

New changelog entries:
  * d/p/lp1746947-revert-switch-default-to-sql.patch: the switch of the
    default is still causing too much issues in consumers of nss.
    So until resolved revert the switched default (LP: #1746947)

debian/jessie 2017-12-09 17:52:45 UTC 2017-12-09
Import patches-unapplied version 2:3.26-1+debu8u3 to debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2017-10-07 19:33:20 UTC

Import patches-unapplied version 2:3.26-1+debu8u3 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 50a941ca88225ca1512f94e5652deae878cc266b

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2017-7805: Potential use-after-free in TLS 1.2 server when verifying
    client authentication

applied/debian/jessie 2017-12-09 17:52:45 UTC 2017-12-09
Import patches-applied version 2:3.26-1+debu8u3 to applied/debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2017-10-07 19:33:20 UTC

Import patches-applied version 2:3.26-1+debu8u3 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: efcd78d3a0a4162c53b31cd44d4b5ebc3a680662
Unapplied parent: 25420d70fd165cd089e8e25542ef69b054510f6f

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2017-7805: Potential use-after-free in TLS 1.2 server when verifying
    client authentication

applied/debian/stretch 2017-12-09 17:18:55 UTC 2017-12-09
Import patches-applied version 2:3.26.2-1.1+deb9u1 to applied/debian/stretch

Author: Salvatore Bonaccorso
Author Date: 2017-10-07 15:32:51 UTC

Import patches-applied version 2:3.26.2-1.1+deb9u1 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: c669a1ca761ea9ca6406cd52ad2071fd183588cb
Unapplied parent: 9057821984b7513260c99e53fe6a6c299675744b

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2017-7805: Potential use-after-free in TLS 1.2 server when verifying
    client authentication

debian/stretch 2017-12-09 17:18:55 UTC 2017-12-09
Import patches-unapplied version 2:3.26.2-1.1+deb9u1 to debian/stretch

Author: Salvatore Bonaccorso
Author Date: 2017-10-07 15:32:51 UTC

Import patches-unapplied version 2:3.26.2-1.1+deb9u1 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: e78b81fdb20fe4a377c9271ae6cf89609794fa88

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2017-7805: Potential use-after-free in TLS 1.2 server when verifying
    client authentication

applied/ubuntu/zesty-updates 2017-10-02 14:05:58 UTC 2017-10-02
Import patches-applied version 2:3.28.4-0ubuntu0.17.04.3 to applied/ubuntu/ze...

Author: Marc Deslauriers
Author Date: 2017-09-29 12:51:29 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.17.04.3 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 4bad132cfc66c70a5ca451deb49966a0ad03db22
Unapplied parent: 8c17e90025f19afca0895c05e82ab3ff509389e6

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

ubuntu/zesty-updates 2017-10-02 14:05:58 UTC 2017-10-02
Import patches-unapplied version 2:3.28.4-0ubuntu0.17.04.3 to ubuntu/zesty-se...

Author: Marc Deslauriers
Author Date: 2017-09-29 12:51:29 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.17.04.3 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: d680d61ec5fd4fa12e3dbb4d28aec2bffe6748b1

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

ubuntu/zesty-security 2017-10-02 14:05:58 UTC 2017-10-02
Import patches-unapplied version 2:3.28.4-0ubuntu0.17.04.3 to ubuntu/zesty-se...

Author: Marc Deslauriers
Author Date: 2017-09-29 12:51:29 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.17.04.3 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: d680d61ec5fd4fa12e3dbb4d28aec2bffe6748b1

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

applied/ubuntu/zesty-devel 2017-10-02 14:05:58 UTC 2017-10-02
Import patches-applied version 2:3.28.4-0ubuntu0.17.04.3 to applied/ubuntu/ze...

Author: Marc Deslauriers
Author Date: 2017-09-29 12:51:29 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.17.04.3 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 4bad132cfc66c70a5ca451deb49966a0ad03db22
Unapplied parent: 8c17e90025f19afca0895c05e82ab3ff509389e6

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

ubuntu/zesty-devel 2017-10-02 14:05:58 UTC 2017-10-02
Import patches-unapplied version 2:3.28.4-0ubuntu0.17.04.3 to ubuntu/zesty-se...

Author: Marc Deslauriers
Author Date: 2017-09-29 12:51:29 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.17.04.3 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: d680d61ec5fd4fa12e3dbb4d28aec2bffe6748b1

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

applied/ubuntu/zesty-security 2017-10-02 14:05:58 UTC 2017-10-02
Import patches-applied version 2:3.28.4-0ubuntu0.17.04.3 to applied/ubuntu/ze...

Author: Marc Deslauriers
Author Date: 2017-09-29 12:51:29 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.17.04.3 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: 4bad132cfc66c70a5ca451deb49966a0ad03db22
Unapplied parent: 8c17e90025f19afca0895c05e82ab3ff509389e6

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

ubuntu/artful 2017-10-01 18:28:15 UTC 2017-10-01
Import patches-unapplied version 2:3.32-1ubuntu3 to ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-29 16:17:39 UTC

Import patches-unapplied version 2:3.32-1ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 0b344bb41e1c20561f423e79d91d8dd4bb3e4719

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

applied/ubuntu/artful-proposed 2017-10-01 18:28:15 UTC 2017-10-01
Import patches-applied version 2:3.32-1ubuntu3 to applied/ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-29 16:17:39 UTC

Import patches-applied version 2:3.32-1ubuntu3 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 57f0196c1b68ab3d7d316f0ea6530791f43477bd
Unapplied parent: 265c359df335d63922915d399c095522b91fed5d

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

applied/ubuntu/artful-devel 2017-10-01 18:28:15 UTC 2017-10-01
Import patches-applied version 2:3.32-1ubuntu3 to applied/ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-29 16:17:39 UTC

Import patches-applied version 2:3.32-1ubuntu3 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 57f0196c1b68ab3d7d316f0ea6530791f43477bd
Unapplied parent: 265c359df335d63922915d399c095522b91fed5d

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

ubuntu/artful-devel 2017-10-01 18:28:15 UTC 2017-10-01
Import patches-unapplied version 2:3.32-1ubuntu3 to ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-29 16:17:39 UTC

Import patches-unapplied version 2:3.32-1ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 0b344bb41e1c20561f423e79d91d8dd4bb3e4719

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

ubuntu/artful-proposed 2017-10-01 18:28:15 UTC 2017-10-01
Import patches-unapplied version 2:3.32-1ubuntu3 to ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-29 16:17:39 UTC

Import patches-unapplied version 2:3.32-1ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 0b344bb41e1c20561f423e79d91d8dd4bb3e4719

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

applied/ubuntu/artful 2017-10-01 18:28:15 UTC 2017-10-01
Import patches-applied version 2:3.32-1ubuntu3 to applied/ubuntu/artful-proposed

Author: Marc Deslauriers
Author Date: 2017-09-29 16:17:39 UTC

Import patches-applied version 2:3.32-1ubuntu3 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 57f0196c1b68ab3d7d316f0ea6530791f43477bd
Unapplied parent: 265c359df335d63922915d399c095522b91fed5d

New changelog entries:
  * SECURITY UPDATE: Use-after-free in TLS 1.2 generating handshake hashes
    - debian/patches/CVE-2017-7805.patch: Simplify handling of
      CertificateVerify in nss/lib/ssl/ssl3con.c, nss/lib/ssl/ssl3prot.h.
    - CVE-2017-7805

applied/ubuntu/yakkety-devel 2017-06-21 16:38:47 UTC 2017-06-21
Import patches-applied version 2:3.28.4-0ubuntu0.16.10.2 to applied/ubuntu/ya...

Author: Marc Deslauriers
Author Date: 2017-06-16 12:13:22 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.16.10.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: a3a94433ce9d275c6129a31fe9d0bbbaa97bc018
Unapplied parent: dc13b885b4f23f1ca19b66082fa840c559f95dcf

New changelog entries:
  * SECURITY UPDATE: DoS via empty SSLv2 messages
    - debian/patches/CVE-2017-7502.patch: reject broken v2 records in
      nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
      added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
      nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2017-7502

applied/ubuntu/yakkety-updates 2017-06-21 16:38:47 UTC 2017-06-21
Import patches-applied version 2:3.28.4-0ubuntu0.16.10.2 to applied/ubuntu/ya...

Author: Marc Deslauriers
Author Date: 2017-06-16 12:13:22 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.16.10.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: a3a94433ce9d275c6129a31fe9d0bbbaa97bc018
Unapplied parent: dc13b885b4f23f1ca19b66082fa840c559f95dcf

New changelog entries:
  * SECURITY UPDATE: DoS via empty SSLv2 messages
    - debian/patches/CVE-2017-7502.patch: reject broken v2 records in
      nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
      added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
      nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2017-7502

ubuntu/yakkety-security 2017-06-21 16:38:47 UTC 2017-06-21
Import patches-unapplied version 2:3.28.4-0ubuntu0.16.10.2 to ubuntu/yakkety-...

Author: Marc Deslauriers
Author Date: 2017-06-16 12:13:22 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.16.10.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 7a720479d1227cf05cfe2ef13fb349c55fa86848

New changelog entries:
  * SECURITY UPDATE: DoS via empty SSLv2 messages
    - debian/patches/CVE-2017-7502.patch: reject broken v2 records in
      nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
      added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
      nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2017-7502

ubuntu/yakkety-devel 2017-06-21 16:38:47 UTC 2017-06-21
Import patches-unapplied version 2:3.28.4-0ubuntu0.16.10.2 to ubuntu/yakkety-...

Author: Marc Deslauriers
Author Date: 2017-06-16 12:13:22 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.16.10.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 7a720479d1227cf05cfe2ef13fb349c55fa86848

New changelog entries:
  * SECURITY UPDATE: DoS via empty SSLv2 messages
    - debian/patches/CVE-2017-7502.patch: reject broken v2 records in
      nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
      added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
      nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2017-7502

applied/ubuntu/yakkety-security 2017-06-21 16:38:47 UTC 2017-06-21
Import patches-applied version 2:3.28.4-0ubuntu0.16.10.2 to applied/ubuntu/ya...

Author: Marc Deslauriers
Author Date: 2017-06-16 12:13:22 UTC

Import patches-applied version 2:3.28.4-0ubuntu0.16.10.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: a3a94433ce9d275c6129a31fe9d0bbbaa97bc018
Unapplied parent: dc13b885b4f23f1ca19b66082fa840c559f95dcf

New changelog entries:
  * SECURITY UPDATE: DoS via empty SSLv2 messages
    - debian/patches/CVE-2017-7502.patch: reject broken v2 records in
      nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
      added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
      nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2017-7502

ubuntu/yakkety-updates 2017-06-21 16:38:47 UTC 2017-06-21
Import patches-unapplied version 2:3.28.4-0ubuntu0.16.10.2 to ubuntu/yakkety-...

Author: Marc Deslauriers
Author Date: 2017-06-16 12:13:22 UTC

Import patches-unapplied version 2:3.28.4-0ubuntu0.16.10.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 7a720479d1227cf05cfe2ef13fb349c55fa86848

New changelog entries:
  * SECURITY UPDATE: DoS via empty SSLv2 messages
    - debian/patches/CVE-2017-7502.patch: reject broken v2 records in
      nss/lib/ssl/ssl3gthr.c, nss/lib/ssl/ssldef.c, nss/lib/ssl/sslimpl.h,
      added tests to nss/gtests/ssl_gtest/ssl_gather_unittest.cc,
      nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
      nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
    - CVE-2017-7502

ubuntu/precise-security 2017-01-04 16:08:26 UTC 2017-01-04
Import patches-unapplied version 2:3.26.2-0ubuntu0.12.04.1 to ubuntu/precise-...

Author: Marc Deslauriers
Author Date: 2016-12-02 18:27:18 UTC

Import patches-unapplied version 2:3.26.2-0ubuntu0.12.04.1 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 0e6db9a73f03773e8918710d11bd01401f666980

New changelog entries:
  * Updated to upstream 3.26.2 to fix security issues and get a new CA
    certificate bundle.
  * SECURITY UPDATE: denial of service via invalid DH keys
    - CVE-2016-5285
  * SECURITY UPDATE: small subgroup confinement attack
    - CVE-2016-8635
  * SECURITY UPDATE: insufficient mitigation of timing side-channel attack
    - CVE-2016-9074
  * debian/rules: added libfreeblpriv3.so.
  * debian/libnss3.symbols: updated for new version, added
    SSL_GetCipherSuiteInfo and SSL_GetChannelInfo as they are not backwards
    compatible.
  * debian/patches/*.patch: refreshed for new version.
  * debian/rules: disable tests that fail to build with old GCC.
  * debian/patches/disable_chacha_test.patch: removed, no longer required.

ubuntu/precise-devel 2017-01-04 16:08:26 UTC 2017-01-04
Import patches-unapplied version 2:3.26.2-0ubuntu0.12.04.1 to ubuntu/precise-...

Author: Marc Deslauriers
Author Date: 2016-12-02 18:27:18 UTC

Import patches-unapplied version 2:3.26.2-0ubuntu0.12.04.1 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 0e6db9a73f03773e8918710d11bd01401f666980

New changelog entries:
  * Updated to upstream 3.26.2 to fix security issues and get a new CA
    certificate bundle.
  * SECURITY UPDATE: denial of service via invalid DH keys
    - CVE-2016-5285
  * SECURITY UPDATE: small subgroup confinement attack
    - CVE-2016-8635
  * SECURITY UPDATE: insufficient mitigation of timing side-channel attack
    - CVE-2016-9074
  * debian/rules: added libfreeblpriv3.so.
  * debian/libnss3.symbols: updated for new version, added
    SSL_GetCipherSuiteInfo and SSL_GetChannelInfo as they are not backwards
    compatible.
  * debian/patches/*.patch: refreshed for new version.
  * debian/rules: disable tests that fail to build with old GCC.
  * debian/patches/disable_chacha_test.patch: removed, no longer required.

ubuntu/precise-updates 2017-01-04 16:08:26 UTC 2017-01-04
Import patches-unapplied version 2:3.26.2-0ubuntu0.12.04.1 to ubuntu/precise-...

Author: Marc Deslauriers
Author Date: 2016-12-02 18:27:18 UTC

Import patches-unapplied version 2:3.26.2-0ubuntu0.12.04.1 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 0e6db9a73f03773e8918710d11bd01401f666980

New changelog entries:
  * Updated to upstream 3.26.2 to fix security issues and get a new CA
    certificate bundle.
  * SECURITY UPDATE: denial of service via invalid DH keys
    - CVE-2016-5285
  * SECURITY UPDATE: small subgroup confinement attack
    - CVE-2016-8635
  * SECURITY UPDATE: insufficient mitigation of timing side-channel attack
    - CVE-2016-9074
  * debian/rules: added libfreeblpriv3.so.
  * debian/libnss3.symbols: updated for new version, added
    SSL_GetCipherSuiteInfo and SSL_GetChannelInfo as they are not backwards
    compatible.
  * debian/patches/*.patch: refreshed for new version.
  * debian/rules: disable tests that fail to build with old GCC.
  * debian/patches/disable_chacha_test.patch: removed, no longer required.

applied/ubuntu/precise-updates 2017-01-04 16:08:26 UTC 2017-01-04
Import patches-applied version 2:3.26.2-0ubuntu0.12.04.1 to applied/ubuntu/pr...

Author: Marc Deslauriers
Author Date: 2016-12-02 18:27:18 UTC

Import patches-applied version 2:3.26.2-0ubuntu0.12.04.1 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 20c45cccb2c673cdf2086ab64b10343e94ce119e
Unapplied parent: 29ad74793a221202f83cac5cba1340f9423a9f89

New changelog entries:
  * Updated to upstream 3.26.2 to fix security issues and get a new CA
    certificate bundle.
  * SECURITY UPDATE: denial of service via invalid DH keys
    - CVE-2016-5285
  * SECURITY UPDATE: small subgroup confinement attack
    - CVE-2016-8635
  * SECURITY UPDATE: insufficient mitigation of timing side-channel attack
    - CVE-2016-9074
  * debian/rules: added libfreeblpriv3.so.
  * debian/libnss3.symbols: updated for new version, added
    SSL_GetCipherSuiteInfo and SSL_GetChannelInfo as they are not backwards
    compatible.
  * debian/patches/*.patch: refreshed for new version.
  * debian/rules: disable tests that fail to build with old GCC.
  * debian/patches/disable_chacha_test.patch: removed, no longer required.

applied/ubuntu/precise-security 2017-01-04 16:08:26 UTC 2017-01-04
Import patches-applied version 2:3.26.2-0ubuntu0.12.04.1 to applied/ubuntu/pr...

Author: Marc Deslauriers
Author Date: 2016-12-02 18:27:18 UTC

Import patches-applied version 2:3.26.2-0ubuntu0.12.04.1 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 20c45cccb2c673cdf2086ab64b10343e94ce119e
Unapplied parent: 29ad74793a221202f83cac5cba1340f9423a9f89

New changelog entries:
  * Updated to upstream 3.26.2 to fix security issues and get a new CA
    certificate bundle.
  * SECURITY UPDATE: denial of service via invalid DH keys
    - CVE-2016-5285
  * SECURITY UPDATE: small subgroup confinement attack
    - CVE-2016-8635
  * SECURITY UPDATE: insufficient mitigation of timing side-channel attack
    - CVE-2016-9074
  * debian/rules: added libfreeblpriv3.so.
  * debian/libnss3.symbols: updated for new version, added
    SSL_GetCipherSuiteInfo and SSL_GetChannelInfo as they are not backwards
    compatible.
  * debian/patches/*.patch: refreshed for new version.
  * debian/rules: disable tests that fail to build with old GCC.
  * debian/patches/disable_chacha_test.patch: removed, no longer required.

applied/ubuntu/precise-devel 2017-01-04 16:08:26 UTC 2017-01-04
Import patches-applied version 2:3.26.2-0ubuntu0.12.04.1 to applied/ubuntu/pr...

Author: Marc Deslauriers
Author Date: 2016-12-02 18:27:18 UTC

Import patches-applied version 2:3.26.2-0ubuntu0.12.04.1 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 20c45cccb2c673cdf2086ab64b10343e94ce119e
Unapplied parent: 29ad74793a221202f83cac5cba1340f9423a9f89

New changelog entries:
  * Updated to upstream 3.26.2 to fix security issues and get a new CA
    certificate bundle.
  * SECURITY UPDATE: denial of service via invalid DH keys
    - CVE-2016-5285
  * SECURITY UPDATE: small subgroup confinement attack
    - CVE-2016-8635
  * SECURITY UPDATE: insufficient mitigation of timing side-channel attack
    - CVE-2016-9074
  * debian/rules: added libfreeblpriv3.so.
  * debian/libnss3.symbols: updated for new version, added
    SSL_GetCipherSuiteInfo and SSL_GetChannelInfo as they are not backwards
    compatible.
  * debian/patches/*.patch: refreshed for new version.
  * debian/rules: disable tests that fail to build with old GCC.
  * debian/patches/disable_chacha_test.patch: removed, no longer required.

applied/ubuntu/zesty 2016-12-02 14:58:12 UTC 2016-12-02
Import patches-applied version 2:3.26.2-1ubuntu1 to applied/ubuntu/zesty-prop...

Author: Marc Deslauriers
Author Date: 2016-12-02 13:48:03 UTC

Import patches-applied version 2:3.26.2-1ubuntu1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: ff19876c6c2207af959b310c4c9c43dac75032c2
Unapplied parent: 9758dc43c588d40ec253a55430b984682cbd16eb

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

ubuntu/zesty 2016-12-02 14:58:12 UTC 2016-12-02
Import patches-unapplied version 2:3.26.2-1ubuntu1 to ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2016-12-02 13:48:03 UTC

Import patches-unapplied version 2:3.26.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c4a3818fc25ad39f7527db4313a42e9cafe2fc36

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

ubuntu/zesty-proposed 2016-12-02 14:58:12 UTC 2016-12-02
Import patches-unapplied version 2:3.26.2-1ubuntu1 to ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2016-12-02 13:48:03 UTC

Import patches-unapplied version 2:3.26.2-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: c4a3818fc25ad39f7527db4313a42e9cafe2fc36

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

applied/ubuntu/zesty-proposed 2016-12-02 14:58:12 UTC 2016-12-02
Import patches-applied version 2:3.26.2-1ubuntu1 to applied/ubuntu/zesty-prop...

Author: Marc Deslauriers
Author Date: 2016-12-02 13:48:03 UTC

Import patches-applied version 2:3.26.2-1ubuntu1 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: ff19876c6c2207af959b310c4c9c43dac75032c2
Unapplied parent: 9758dc43c588d40ec253a55430b984682cbd16eb

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

applied/ubuntu/yakkety-proposed 2016-09-06 13:35:16 UTC 2016-09-06
Import patches-applied version 2:3.26-1ubuntu1 to applied/ubuntu/yakkety-prop...

Author: Matthias Klose
Author Date: 2016-09-06 12:39:56 UTC

Import patches-applied version 2:3.26-1ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: ef87e3b661e0ee3a8595f0f9aa9242d01ac5152a
Unapplied parent: c92e572bd80257c9db07eb8d8732166fa4f3576e

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

ubuntu/yakkety 2016-09-06 13:35:16 UTC 2016-09-06
Import patches-unapplied version 2:3.26-1ubuntu1 to ubuntu/yakkety-proposed

Author: Matthias Klose
Author Date: 2016-09-06 12:39:56 UTC

Import patches-unapplied version 2:3.26-1ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 7467d2af85bfe64fe4f2134dc2291a75ca89001b

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

ubuntu/yakkety-proposed 2016-09-06 13:35:16 UTC 2016-09-06
Import patches-unapplied version 2:3.26-1ubuntu1 to ubuntu/yakkety-proposed

Author: Matthias Klose
Author Date: 2016-09-06 12:39:56 UTC

Import patches-unapplied version 2:3.26-1ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 7467d2af85bfe64fe4f2134dc2291a75ca89001b

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

applied/ubuntu/yakkety 2016-09-06 13:35:16 UTC 2016-09-06
Import patches-applied version 2:3.26-1ubuntu1 to applied/ubuntu/yakkety-prop...

Author: Matthias Klose
Author Date: 2016-09-06 12:39:56 UTC

Import patches-applied version 2:3.26-1ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: ef87e3b661e0ee3a8595f0f9aa9242d01ac5152a
Unapplied parent: c92e572bd80257c9db07eb8d8732166fa4f3576e

New changelog entries:
  * Merge with Debian; remaining changes:
    - When building with -O3, build with -Wno-error=maybe-uninitialized.

ubuntu/wily-updates 2016-07-11 16:59:05 UTC 2016-07-11
Import patches-unapplied version 2:3.23-0ubuntu0.15.10.1 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-07-07 17:14:23 UTC

Import patches-unapplied version 2:3.23-0ubuntu0.15.10.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: c611ba7a1a56820beb3db1f0e0bd3397e52fa83d

New changelog entries:
  * Updated to upstream 3.23 to fix a security issue and get a new CA
    certificate bundle.
  * SECURITY UPDATE: multiple memory safety issues
    - CVE-2016-2834
  * debian/control: bump libnspr4-dev Build-Depends to 2:4.12.
  * debian/libnss3.symbols: updated for new version.
  * debian/patches/CVE-2016-1950.patch: dropped, upstream.
  * debian/patches/ftbfs_ppc64el.patch: dropped, no longer needed.
  * debian/patches/relax_dh_size.patch: removed, now require a minimum DH
    size of 1023 bits.
  * debian/patches/*.patch: refreshed for new version.

ubuntu/wily-devel 2016-07-11 16:59:05 UTC 2016-07-11
Import patches-unapplied version 2:3.23-0ubuntu0.15.10.1 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-07-07 17:14:23 UTC

Import patches-unapplied version 2:3.23-0ubuntu0.15.10.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: c611ba7a1a56820beb3db1f0e0bd3397e52fa83d

New changelog entries:
  * Updated to upstream 3.23 to fix a security issue and get a new CA
    certificate bundle.
  * SECURITY UPDATE: multiple memory safety issues
    - CVE-2016-2834
  * debian/control: bump libnspr4-dev Build-Depends to 2:4.12.
  * debian/libnss3.symbols: updated for new version.
  * debian/patches/CVE-2016-1950.patch: dropped, upstream.
  * debian/patches/ftbfs_ppc64el.patch: dropped, no longer needed.
  * debian/patches/relax_dh_size.patch: removed, now require a minimum DH
    size of 1023 bits.
  * debian/patches/*.patch: refreshed for new version.

1100 of 250 results

Other repositories

Name Last Modified
lp:ubuntu/+source/nss 2019-09-07
lp:~kstenerud/ubuntu/+source/nss 2019-02-04
lp:~paelzer/ubuntu/+source/nss 2018-11-19
13 of 3 results
You can't create new repositories for nss in Ubuntu.