lp:ubuntu/saucy-security/nss

Created by Ubuntu Package Importer on 2013-11-18 and last modified on 2014-04-02
Get this branch:
bzr branch lp:ubuntu/saucy-security/nss
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

47. By Marc Deslauriers on 2014-04-02

* SECURITY UPDATE: incorrect IDNA wildcard handling
  - debian/patches/CVE-2014-1492.patch: conform to RFC 6125 in
    nss/lib/certdb/certdb.c.
  - CVE-2014-1492
* No longer ship cacert.org certificates. (LP: #1258286)
  - removed debian/patches/95_add_spi+cacert_ca_certs.patch
  - added debian/patches/95_add_spi_certs.patch

46. By Marc Deslauriers on 2014-01-22

* SECURITY UPDATE: MITM attack via TLS False Start
  - CVE-2013-1740
* Adjusted packaging for new upstream release 3.15.4:
  - debian/patches/*: refreshed.
  - debian/libnss3.symbols: added new symbols.

45. By Marc Deslauriers on 2013-12-20

* SECURITY UPDATE: New upstream release (LP: #1263135)
  - Distrusts AC DG Tresor SSL CA

44. By Marc Deslauriers on 2013-11-14

* SECURITY UPDATE: New upstream release to fix multiple security issues
  - CVE-2013-1739
  - CVE-2013-1741
  - CVE-2013-5605
  - CVE-2013-5606

43. By Marc Deslauriers on 2013-09-19

* Merge from Debian unstable. FFe: (LP: #1219279)
  Remaining changes:
  - control: Change Vcs-* to XS-Debian-Vcs-*.
  - rules: Include libnssb.a and libnssckfw.a in the -dev package.

42. By Jamie Strandboge on 2013-03-13

* New upstream release with merged changes from Debian unstable for
  2:3.14.2-1. Remaining changes:
  - control: Change Vcs-* to XS-Debian-Vcs-*.
  - rules: Include libnssb.a and libnssckfw.a in the -dev package.
* debian/libnss3.symbols: add NSS_3.14.3 symbols

41. By Jamie Strandboge on 2013-01-14

* Merge from Debian unstable. Remaining changes:
  - control: Change Vcs-* to XS-Debian-Vcs-*.
  - rules: Include libnssb.a and libnssckfw.a in the -dev package.

40. By Timo Aaltonen on 2012-11-27

* Merge from Debian unstable. Remaining changes:
  - control: Change Vcs-* to XS-Debian-Vcs-*.
  - rules: Include libnssb.a and libnssckfw.a in the -dev package.

39. By Marc Deslauriers on 2012-08-16

* SECURITY UPDATE: denial of service in QuickDER decoder
  - debian/patches/CVE-2012-0441.patch: properly handle zero-length basic
    constraints and zero-length fields in
    nss/mozilla/security/nss/lib/softoken/legacydb/keydb.c,
    nss/mozilla/security/nss/lib/softoken/legacydb/lgcreate.c,
    nss/mozilla/security/nss/lib/softoken/legacydb/lowkey.c,
    nss/mozilla/security/nss/lib/softoken/legacydb/lowkeyti.h,
    nss/mozilla/security/nss/lib/util/quickder.c.
  - CVE-2012-0441

38. By Timo Aaltonen on 2012-02-27

Add protect-against-calls-before-nss_init.patch (RHBZ #784672).

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/trusty/nss
This branch contains Public information 
Everyone can see this information.

Subscribers