pool/mozilla-nss
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

(MFSA 2015-70/CVE-2015-4000)

Browse Source 
* NSS incorrectly permits skipping of ServerKeyExchange
    (bmo#1086145) (MFSA 2015-71/CVE-2015-2721)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=187
This commit is contained in:
Wolfgang Rosenauer 2015-07-03 05:51:39 +00:00 committed by Git OBS Bridge
parent 440894e094
commit 11da47024a
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
mozilla-nss.changes
View File

@ -33,11 +33,14 @@ Sun May 31 13:22:47 UTC 2015 - wr@rosenauer.org
* The minimum strength of keys that libssl will accept for * The minimum strength of keys that libssl will accept for
finite field algorithms (RSA, Diffie-Hellman, and DSA) have finite field algorithms (RSA, Diffie-Hellman, and DSA) have
been increased to 1023 bits (bmo#1138554). been increased to 1023 bits (bmo#1138554).
(MFSA 2015-70/CVE-2015-4000)
* NSS reports the bit length of keys more accurately. Thus, * NSS reports the bit length of keys more accurately. Thus,
the SECKEY_PublicKeyStrength and SECKEY_PublicKeyStrengthInBits the SECKEY_PublicKeyStrength and SECKEY_PublicKeyStrengthInBits
functions could report smaller values for values that have functions could report smaller values for values that have
leading zero values. This affects the key strength values that leading zero values. This affects the key strength values that
are reported by SSL_GetChannelInfo. are reported by SSL_GetChannelInfo.
* NSS incorrectly permits skipping of ServerKeyExchange
(bmo#1086145) (MFSA 2015-71/CVE-2015-2721)
------------------------------------------------------------------- -------------------------------------------------------------------
Sat May 23 07:36:27 UTC 2015 - wr@rosenauer.org Sat May 23 07:36:27 UTC 2015 - wr@rosenauer.org