-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
FESCo met today to address the NSS BEAST patch that left all software using NSS vulnerable
to the BEAST[0] vulnerability. The decision was made to implement the patch that fixes
this vulnerablity in F19 and F20. There are some programs that may have difficulties with
this fix. While the fix will go in as soon as possible the change in F19 will not be
applied until some testing has been completed.
Information on this fix is in Bugzilla[1]. If your package depends on NSS you should
definitely test this patch before it goes live in order to determine if it breaks
functionality (information on the BZ ticket on how to disable the fix if needed).
[0]
https://en.wikipedia.org/wiki/BEAST_%28computer_security%29#BEAST_attack
[1]
https://bugzilla.mozilla.org/show_bug.cgi?id=665814
- -- Eric
- --------------------------------------------------
Eric "Sparks" Christensen
Fedora Project
sparks(a)fedoraproject.org - sparks(a)redhat.com
097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQGcBAEBCgAGBQJSXvf/AAoJEB/kgVGp2CYvN9cL/RQ0iNRgn//6qgggi7aP2VBN
8AeYhxMCLrYMLCHoK5L1NFa85XjkPzyVStEZK5mUh/2YGHMSI5sA0cCOFQlZfB5T
j4LzuKobc5QdcyAntROsMmBP00yJlRnzfCnyl7CPKMN4GAV582R1I8hkvMsCtZat
KvwPFenrkVTEORTf/UG86Ztu92SjWEcbEmmAzp715aui66OuvyROqtS4sxsdGKfL
cklIvsYTEA11+Adju4rdJGGOGZ6AuczM8VNqw4c4rOWjBbNbQl+a2sgdOSqLnaDC
vuO6MIBaXabuWfpkmWwQmIIWCwslZmnMlA2pNvdjkZ4+6fsIXPGyDI65V2CoJ54i
UxBLGBluiIazwAXTmVk+3FhhECyGZ2KzNj0T49tbtYtIrFquW9K68U9Zo67Zaeh2
AXCz5ILVHJcSxYQqaYO2am0maMN4WKY0DF3VeXWRgSMNM033e0tS87HPttmI0RDo
JMW3yxNSaB8yp3YcG77kDwCAnu8cZmrPYAk843Zi3A==
=YObr
-----END PGP SIGNATURE-----