lp:debian/squeeze/nss
- Get this branch:
- bzr branch lp:debian/squeeze/nss
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 19. By Salvatore Bonaccorso
-
* Non-maintainer upload by the Security Team.
* Add CVE-2013-5605.patch.
CVE-2013-5605: Null_Cipher() does not respect maxOutputLen; allowing
remote attackers to cause a denial of service or possibly have
unspecified other impact via invalid handshake packets. - 18. By Mike Hommey <email address hidden>
-
Explicitly distrust two intermediate CA certificates mis-issued by
TURKTRUST. - 17. By Mike Hommey <email address hidden>
-
* Address CVE-2012-0441 (Insufficient length checking in QuickDER decoder)
* debian/rules: Work around NSS not building on Linux 3.x kernels. - 16. By Mike Hommey <email address hidden>
-
* Explicitly distrust malaysian Digicert Sdn. Bhd CA certificate.
* Address CVE-2011-3640 (Untrusted search path vulnerability).
Closes: #647614. - 15. By Mike Hommey <email address hidden>
-
* mozilla/
security/ nss/lib/ ckfw/builtins/ certdata. *:
Explicitely distrust various DigiNotar CAs:
- DigiNotar Root CA
- DigiNotar Services 1024 CA
- DigiNotar Cyber CA
- DigiNotar Cyber CA 2nd
- DigiNotar PKIoverheid
- DigiNotar PKIoverheid G2 - 14. By Mike Hommey <email address hidden>
-
* debian/rules: Fallback to DEB_BUILD_ARCH when dpkg-architecture does't
support DEB_BUILD_ARCH_BITS.
* debian/control: Lower build depends on dpkg-dev to (>= 1.13.19), which
was the value before starting to use DEB_BUILD_ARCH_BITS.
* mozilla/security/ nss/lib/ ckfw/builtins/ certdata. *: Mark fraudulent
Comodo certificates as untrusted. - 13. By Mike Hommey <email address hidden>
-
* New upstream release.
* debian/patches/*: Refresh patches.
* debian/patches/ series:
+ lower-dhe-priority. patch: Upstream patch from bz#583337 to lower DHE
priority. Closes: #592315. - 12. By Mike Hommey <email address hidden>
-
* New upstream release.
* debian/patches/*: Refresh patches.
* debian/control:
- Bump Standards-Version to 3.9.1.0.
- Build depend on libnspr4-dev >= 4.8.6.
* debian/libnss3- 1d.symbols: Simplify symbols file and add new symbols.
* debian/rules: Bump shlibs. - 11. By Mike Hommey <email address hidden>
-
* debian/rules:
+ Sign libnssdbm3.so. Closes: #588806.
+ Test that the FIPS mode can be properly enabled during build.
* debian/control:
+ Remove conflicts with very old packages.
+ Bump Standards-Version to 3.9.0.0. - 10. By Mike Hommey <email address hidden>
-
* debian/
patches/ series:
+ 00_ckbi_1.79.patch: New patch to update CKBI to 1.79.
+ 95_add_spi+cacert_ ca_certs. patch: Refreshed against CKBI 1.79.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)