lp:ubuntu/quantal/nss

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

39. By Marc Deslauriers on 2012-08-16

* SECURITY UPDATE: denial of service in QuickDER decoder
  - debian/patches/CVE-2012-0441.patch: properly handle zero-length basic
    constraints and zero-length fields in
    nss/mozilla/security/nss/lib/softoken/legacydb/keydb.c,
    nss/mozilla/security/nss/lib/softoken/legacydb/lgcreate.c,
    nss/mozilla/security/nss/lib/softoken/legacydb/lowkey.c,
    nss/mozilla/security/nss/lib/softoken/legacydb/lowkeyti.h,
    nss/mozilla/security/nss/lib/util/quickder.c.
  - CVE-2012-0441

38. By Timo Aaltonen on 2012-02-27

Add protect-against-calls-before-nss_init.patch (RHBZ #784672).

37. By Timo Aaltonen on 2012-02-19

Include libnssckfw.a in the -dev package, also needed by
mod_revocator.

36. By Timo Aaltonen on 2012-02-19

Include libnssb.a in the -dev package, needed by mod_revocator.

35. By Chris Coulson on 2012-01-12

* Fix LP: #915069 - Add patch from upstream to fix an error in pkcs11n.h
  - add debian/patches/98_fix_header_error.patch
  - update debian/patches/series

34. By Timo Aaltonen on 2011-12-12

Fix lintian overrides to just list the soname warning to ignore
and not list the paths, which would break installing multiarched libs.

33. By Timo Aaltonen on 2011-11-30

* Merge from Debian testing. Remaining changes:
  - Ship the main SO files in an unversioned binary, as we don't have
    versioned SO's in Ubuntu. Maintain a transitional versioned binary
    package containing the versioned symlinks, to maintain compatibility
    with Debian
    * update control, rules
    * mass rename libnss3-1d* => libnss3*
  - Fix postinst-must-call-ldconfig - dh_makeshlibs doesn't seem to add
    the maintainer script hooks with the unversioned SO files, so add
    them manually
    * add libnss3.postinst, libnss3.postrm
  - rules: Add support for mozilla-devscripts.
  - control: Change Vcs-* to XS-Debian-Vcs-*.
* control: Fix typo (LP: #855424)
* Bugs fixed by the merge:
  - Using dh now (LP: #613477)
  - Adds 85_security_load.patch (LP: #315096)

32. By Adam Conrad on 2011-09-21

No-change rebuild to force a version bump, forcing upgrades,
and restoring the deleted library that ca-certificates ate.

31. By Micah Gersten on 2011-09-09

* SECURITY UPDATE: Add patch from Debian version 3.12.11-3 rebased against
  3.12.9 to remove the DigiNotar certificates and actively distrust them;
  Thanks to Mike Hommey from Debian for the original patch (LP: #837557)
  - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
    Explicitely distrust various DigiNotar CAs:
    - DigiNotar Root CA
    - DigiNotar Services 1024 CA
    - DigiNotar Cyber CA
    - DigiNotar Cyber CA 2nd
    - DigiNotar PKIoverheid
    - DigiNotar PKIoverheid G2
  - mozilla/security/nss/lib/ckfw/builtins/certdata.*:
    Remove DigiNotar Root CA.
* Add a symlink from Linux2.6.mk to Linux3.0.mk; This is a temporary hack to
  let NSS build on a 3.0.x kernel
  - update debian/rules

30. By Matthias Klose on 2011-05-17

nss-config, nss.pc: Fix multiarch libdir location. LP: #778726.