- version 3.15.2

* Support for AES-GCM ciphersuites that use the SHA-256 PRF * MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs * Add PK11_CipherFinal macro * sizeof() used incorrectly * nssutil_ReadSecmodDB() leaks memory * Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished. * Deprecate the SSL cipher policy code * Avoid uninitialized data read in the event of a decryption failure. (CVE-2013-1739) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/mozilla-nss?expand=0&rev=134
2013-09-28 08:17:22 +00:00 · 2013-09-28 08:17:22 +00:00 · 5163190a91
commit 5163190a91
parent a2949dce64
1 changed files with 12 additions and 12 deletions
--- a/mozilla-nss.changes
+++ b/mozilla-nss.changes
@ -1,18 +1,18 @@
 -------------------------------------------------------------------
 Sat Sep 28 04:20:41 UTC 2013 - crrodriguez@opensuse.org

-version 3.15.2
- Support for AES-GCM ciphersuites that use the SHA-256 PRF 
- MD2, MD4, and MD5 signatures are no longer accepted for OCSP 
-  or CRLs, 
- Add PK11_CipherFinal macro
- sizeof() used incorrectly
- nssutil_ReadSecmodDB() leaks memory
- Allow SSL_HandshakeNegotiatedExtension to be called before 
-  the handshake is finished.
- Deprecate the SSL cipher policy code
- (CVE-2013-1739) Avoid uninitialized data read in the 
-   event of a decryption failure.
+- version 3.15.2
+  * Support for AES-GCM ciphersuites that use the SHA-256 PRF
+  * MD2, MD4, and MD5 signatures are no longer accepted for OCSP
+    or CRLs
+  * Add PK11_CipherFinal macro
+  * sizeof() used incorrectly
+  * nssutil_ReadSecmodDB() leaks memory
+  * Allow SSL_HandshakeNegotiatedExtension to be called before
+    the handshake is finished.
+  * Deprecate the SSL cipher policy code
+  * Avoid uninitialized data read in the event of a decryption
+    failure. (CVE-2013-1739)

 -------------------------------------------------------------------
 Fri Jul  5 08:08:57 UTC 2013 - lnussel@suse.de