-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-3956 2010-03-09 02:59:50 --------------------------------------------------------------------------------

Name : nss Product : Fedora 12 Version : 3.12.6 Release : 1.2.fc12 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

-------------------------------------------------------------------------------- Update Information:

Update to NSS 3.12.6 The primary feature of NSS 3.12.6 is support for the TLS Renegotiation Indication Extension, RFC 5746. -------------------------------------------------------------------------------- ChangeLog:

* Sat Mar 6 2010 Elio Maldonado emaldona@redhat.com - 3.12.6-1.2 - Rebuilt with all tests enabled * Sat Mar 6 2010 Elio Maldonado emaldona@redhat.com - 3.12.6-1.1 - Update to 3.12.6 - Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period - Patch tools to validate command line options arguments * Mon Jan 25 2010 Elio Maldonado emaldona@redhat.com - 3.12.5-8 - Fix curl related regression and general patch code clean up * Wed Jan 13 2010 Elio Maldonado emaldona@redhat.com - 3.12.5-7 - Retagged * Wed Jan 13 2010 Elio Maldonado emaldona@redhat.com - 3.12.5-6 - retagging * Tue Jan 12 2010 Elio Maldonado emaldona@redhat.com - 3.12.5-2.1 - Fix SIGSEGV on call of NSS_Initialize (#553638) * Wed Jan 6 2010 Elio Maldonado emaldona@redhat.com - 3.12.5-2 - bump release number and rebuild * Wed Jan 6 2010 Elio Maldonadoemaldona@redhat.com - 3.12.5-1.14 - Fix nsssysinit to allow root to modify the nss system database (#547860) * Wed Jan 6 2010 Elio Maldonadoemaldona@redhat.com - 3.12.5-1.12.1 - Temporarily disabling the ssl tests until Bug 539183 is resolved * Fri Dec 25 2009 Elio Maldonadoemaldona@redhat.com - 3.12.5-1.11 - Fix an error introduced when adapting the patch for 546211 * Sat Dec 19 2009 Elio maldonadoemaldona@redhat.com - 3.12.5-1.10 - Remove some left over trace statements from nsssysinit patching * Thu Dec 17 2009 Elio Maldonadoemaldona@redhat.com - 3.12.5-1.8 - Fix nsssysinit to set the default flags on the crypto module (#545779) - Fix nsssysinit to enable apps to use the system cert store, patch contributed by David Woodhouse (#546221) - Fix segmentation fault when listing keys or certs in the database, patch contributed by Kamil Dudka (#540387) - Sysinit requires coreutils for post install scriplet (#547067) - Remove redundant header from the pem module * Wed Dec 9 2009 Elio Maldonadoemaldona@redhat.com - 3.12.5-2.1 - Remove unneeded patch * Fri Dec 4 2009 Elio Maldonadoemaldona@redhat.com - 3.12.5-1.2 - Update to 3.12.5 - CVE-2009-3555 TLS: MITM attacks via session renegotiation * Mon Oct 26 2009 Elio Maldonadoemaldona@redhat.com - 3.12.4-15 - Require nss-softoken of same arch as nss (#527867) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation https://bugzilla.redhat.com/show_bug.cgi?id=533125 --------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use su -c 'yum update nss' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------