[ubuntu/artful-proposed] nss 2:3.28.4-0ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Apr 27 17:42:14 UTC 2017
nss (2:3.28.4-0ubuntu1) artful; urgency=medium
* Updated to upstream 3.28.4 to fix security issues and get a new CA
certificate bundle.
* SECURITY UPDATE: DES and Triple DES ciphers birthday attack
- CVE-2016-2183
* SECURITY UPDATE: out-of-bounds write in Base64 decoding
- CVE-2017-5461
* debian/patches/*.patch: refreshed for new version.
* debian/control: bump libnspr4-dev to 4.13.1.
* debian/libnss3.symbols: added new symbols.
Date: Thu, 27 Apr 2017 13:13:44 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 27 Apr 2017 13:13:44 -0400
Source: nss
Binary: libnss3 libnss3-tools libnss3-dev libnss3-dbg
Architecture: source
Version: 2:3.28.4-0ubuntu1
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libnss3 - Network Security Service libraries
libnss3-dbg - Debugging symbols for the Network Security Service libraries
libnss3-dev - Development files for the Network Security Service libraries
libnss3-tools - Network Security Service tools
Changes:
nss (2:3.28.4-0ubuntu1) artful; urgency=medium
.
* Updated to upstream 3.28.4 to fix security issues and get a new CA
certificate bundle.
* SECURITY UPDATE: DES and Triple DES ciphers birthday attack
- CVE-2016-2183
* SECURITY UPDATE: out-of-bounds write in Base64 decoding
- CVE-2017-5461
* debian/patches/*.patch: refreshed for new version.
* debian/control: bump libnspr4-dev to 4.13.1.
* debian/libnss3.symbols: added new symbols.
Checksums-Sha1:
06e3ba300f51458996c809afb05ba2806cf4e5c4 2332 nss_3.28.4-0ubuntu1.dsc
f358559b9c058ec9ee54cca222722c671131f5cb 7453282 nss_3.28.4.orig.tar.gz
110170975a318551cc9d4b9e49dd5efa0291b8eb 25972 nss_3.28.4-0ubuntu1.debian.tar.xz
1336170e40c857dd3c77c967b4d5d6388b0f6fc0 5697 nss_3.28.4-0ubuntu1_source.buildinfo
Checksums-Sha256:
aff8a1e2dbb2648de016fbfb81b35fcd125729a29ed6ca21060ee6ae79847f9c 2332 nss_3.28.4-0ubuntu1.dsc
d5d4761778b8d4c378b2174c9e13e7abd20a6961f557d4fcc029af723ffd7189 7453282 nss_3.28.4.orig.tar.gz
1def2280e9df833b27bc5ff04f6229ffd7c8444f2057238fb2fd8ac61501e052 25972 nss_3.28.4-0ubuntu1.debian.tar.xz
de9f00d580d67a5619a76ec783b6e504b4f4b827e6fc255dd18fdf3dfffeb2f5 5697 nss_3.28.4-0ubuntu1_source.buildinfo
Files:
385253a87f9b0172024d5ba29804d763 2332 libs optional nss_3.28.4-0ubuntu1.dsc
e2374d514120e200986f1a4c97c09ed3 7453282 libs optional nss_3.28.4.orig.tar.gz
18fd562962d691d7ced27d022260386c 25972 libs optional nss_3.28.4-0ubuntu1.debian.tar.xz
698b2c98cf95c50af243aeaa392c863c 5697 libs optional nss_3.28.4-0ubuntu1_source.buildinfo
Original-Maintainer: Maintainers of Mozilla-related packages <pkg-mozilla-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJZAix8AAoJEGVp2FWnRL6T5sEP/0T8S9M0fBLapnRt6uragAeQ
jtT1+e3q/waYx6P0SYh/fDtD7AyMf0b7x4f8jy7Q3xGPIbKbHqOYzbZ8D3WfAXav
TwC+tcDyynL+83PbwJLLTJCR0O4n8J5Wlw0BaEElouitkX2EqcWNK1mHVnossI/I
hXkhNI4uknP0iXdCltkCQgYdSMtjvXFoBdMW5prAnWpKUGboHLnoDRcs8HusoyRh
UD4kQZ/TiJ0TW4zEXUwXudz3WKtFsG4sc/S38wr2ISBWt4yxNy29UphldrSTRnAw
pcF+IVVppfmvDSMG0mSIa8CHzUdpKALXK6izOUe6niCUcSBlUkSko17I1g80tD64
zYddb/ZV/pEF8czMLjN2KMizzkk7jzKeU8ken1kpQYoWYUZijESiXpknOrgjZWo7
0hGpyX4/jbC3rGeUt3hqNAna+E4iowqInnSNdELGDfUBlmB0cbQK99vtkw33ZDEt
cl4JF82CH2A6yR0RlF0BlRycoCocTElUzFI/Eai74wvGe9clRo8m0JEwVebXjPMa
+6mPTLROK4xf6mouv+L4HzAXnD+hST5I9LLeVnQJj0HQ/jNfkoFvXPjDlQqkOnBg
KryfM5rllkd5UNjlPg3z7D5Q7ynhzqJKolbZo/qb4xi4NV+Z8FKgaBWTDQIrWjQn
sL9Gs4/GOf3rewpV69ZM
=NltY
-----END PGP SIGNATURE-----
More information about the Artful-changes
mailing list